GitHub/kill-the-news
1
0
Fork 0
mirror of https://github.com/juherr/kill-the-news.git synced 2026-06-21 06:13:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: GitHub/kill-the-news:v0.2.1
Branches Tags
GitHub/kill-the-news:main GitHub/kill-the-news:dependabot/npm_and_yarn/hono-4.12.26 GitHub/kill-the-news:dependabot/github_actions/actions/checkout-7.0.0 GitHub/kill-the-news:dependabot/npm_and_yarn/scalar/hono-api-reference-0.11.4 GitHub/kill-the-news:dependabot/npm_and_yarn/dev-dependencies-15a227b788
GitHub/kill-the-news:v0.3.1 GitHub/kill-the-news:v0.3.0 GitHub/kill-the-news:v0.2.1 GitHub/kill-the-news:v0.2.0 GitHub/kill-the-news:v0.1.0 GitHub/kill-the-news:upstream
..
compare: GitHub/kill-the-news:v0.3.0
Branches Tags
GitHub/kill-the-news:dependabot/npm_and_yarn/hono-4.12.26 GitHub/kill-the-news:dependabot/github_actions/actions/checkout-7.0.0 GitHub/kill-the-news:dependabot/npm_and_yarn/scalar/hono-api-reference-0.11.4 GitHub/kill-the-news:dependabot/npm_and_yarn/dev-dependencies-15a227b788 GitHub/kill-the-news:main
GitHub/kill-the-news:v0.3.1 GitHub/kill-the-news:v0.3.0 GitHub/kill-the-news:v0.2.1 GitHub/kill-the-news:v0.2.0 GitHub/kill-the-news:v0.1.0 GitHub/kill-the-news:upstream

50 Commits
v0.2.1 .. v0.3.0

Author SHA1 Message Date
Julien Herr 0f18d4c123 refactor(app): parse sender once via EmailAddress, drop infra reach 
email-processor parsed input.from twice — once via EmailAddress for the
native-feed base, once via the favicon infra helper extractEmailDomain
just to get the domain. CLAUDE.md forbids reaching across a layer to
parse a domain: parse once and derive both siteBaseUrl() and domain.value
from the EmailAddress VO, removing the infrastructure/favicon-fetcher import.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-25 18:00:02 +02:00
Julien Herr e8078b2673 refactor(admin): extract shared FeedChip, dedupe native/format chips 
NativeFeedChip duplicated ~all of FormatChip's accessible copy-script
markup. Extract one FeedChip (copy + open + optional validate); both the
Subscribe formats and native feeds now render through it, keeping the
copyable-value/data-copy markup identical in one place.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-25 17:59:55 +02:00
Julien Herr ea7332b752 docs: document native feed detection; mark TODO item shipped 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-25 17:47:08 +02:00
Julien Herr 8cd8c940fa style(admin): pill-native + native-feeds group spacing 2026-05-25 17:44:31 +02:00
Julien Herr fe5728de59 feat(admin): native-feed detail group + dismissable notice 
Wire the NativeFeeds chip group into the per-feed emails page, add a
dismissable banner that nudges users to subscribe directly, the dismiss
POST route mirroring the confirmation-dismiss idiom, and the client-side
handler in emails-page.ts.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-25 17:39:47 +02:00
Julien Herr 35262d5d0b refactor(admin): dedupe feed label map + add chip key 2026-05-25 17:36:48 +02:00
Julien Herr a18d9f165f feat(admin): native feed chips + dashboard pill 
Add NativeFeeds/NativeFeedChip components to admin/ui.tsx and a
NativeFeedPill rendered in both list and table dashboard views when
feed.hasNativeFeed is set.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-25 17:33:10 +02:00
Julien Herr 8a0dbf25b0 feat(api): expose nativeFeeds on the REST Feed schema (read-only) 
GET /v1/feeds/{id} and PATCH /v1/feeds/{id} now include a required
nativeFeeds array (possibly empty) derived from the feed metadata via
unionNativeFeeds. POST /v1/feeds always returns [].

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-25 17:28:44 +02:00
Julien Herr 6236274ce8 refactor(app): derive native-feed base from EmailAddress.siteBaseUrl 
Delete the `iconBase` local helper (which mishandled display-name form
like `Name <a@b.com>`) and replace it with `EmailAddress.parse(input.from)
?.siteBaseUrl()` — the domain-layer VO that already handles bare and
display-name addresses correctly.  Adds TEST C to lock the
display-name + relative-href absolutization fix.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-25 17:25:52 +02:00
Julien Herr 5362d478e3 feat(app): detect native feeds during email ingestion 
Wire extractFeedLinks + detectNativeFeeds into storeEmail so that RSS/Atom/JSON
feed <link> tags in the newsletter HTML are detected and stored per-sender on the
feed metadata.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-25 17:22:05 +02:00
Julien Herr ee0e7eef5d feat(infra): project hasNativeFeed into feeds:list 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-25 17:18:19 +02:00
Julien Herr dc2ccfdd1c feat(domain): store native feeds per-sender on the Feed aggregate 
Add nativeFeeds/nativeFeedDismissed to FeedMetadata and hasNativeFeed to
FeedListItem; extend IngestOptions with nativeFeeds; add nativeFeeds(),
hasNativeFeed(), and dismissNativeFeed() to the Feed aggregate mirroring
the existing pendingConfirmation/dismissConfirmation pattern.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-25 17:14:38 +02:00
Julien Herr 86d18eb390 docs(infra): clarify extractFeedLinks href-resolution comment 2026-05-25 17:12:08 +02:00
Julien Herr 3c48181c05 feat(infra): extract rel=alternate feed links from email HTML 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-25 17:08:48 +02:00
Julien Herr df5546fedd feat(domain): add native-feed detector (Atom/RSS/JSON) 2026-05-25 17:05:39 +02:00
Julien Herr 021aeabd05 docs(plan): implementation plan for native feed detection 
11 TDD tasks: domain detector, extractFeedLinks, aggregate per-sender
storage, feeds:list projection, ingestion wiring, REST API field, admin
chips/pill/detail group + dismiss, styles, docs.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-25 17:01:36 +02:00
Julien Herr 69ed07db51 docs(spec): design native Atom/RSS/JSON feed detection 
Per-sender storage (latest-wins, like unsubscribe), pure domain detector
(strict 3 MIME types), admin surfaces (detail/badge/pill/dismiss) and a
read-only REST API field, mirroring the confirmation-detection feature.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-25 16:54:51 +02:00
Julien Herr 6dad6741ed docs(claude): add Releasing guidance to avoid version mistakes 
Document the -develop/tag-driven release contract in CLAUDE.md so a
release is cut correctly: main stays *-develop, the tag is the source of
truth, never commit a bare version, and re-bump the next cycle after.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-25 16:19:22 +02:00
Julien Herr d2f3e1ca27 ci(release): derive release version from the tag, not the commit 
The release job built whatever version package.json held at the tagged
commit — but main always carries a -develop suffix, so a vX.Y.Z bundle
would have reported X.Y.Z-develop. Make the tag the source of truth:
strip the suffix in the ephemeral CI checkout before building (never
committed), and fail fast when the tag base doesn't match package.json's
base (wrong-commit guard). Update CONTRIBUTING with the tag-driven flow.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-25 16:08:24 +02:00
Julien Herr 664d0c02ba chore(release): carry 0.3.0-develop pre-release version between releases 
package.json now holds a -develop pre-release suffix so the version
reported in the footer/health/stats distinguishes a dev build from a
shipped one (0.3.0-develop sorts below 0.3.0 per SemVer). Document the
release flow in CONTRIBUTING.md: strip the suffix at tag time, re-bump
to the next -develop afterward.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-25 16:04:32 +02:00
Julien Herr 757dd3a53f refactor(domain): own sender display name on EmailAddress 
Push the "Name <addr>" display-name parsing onto the EmailAddress VO
(displayName field + label() = displayName ?? normalized) and delete the
ad-hoc parseFromAddress helper in feed-generator. The feed builder now
parses the from-address once via EmailAddress and reuses it for the site
base URL, the [Sender] title prefix, and the entry author — one parser,
on the type that owns the data.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-25 15:56:36 +02:00
Julien Herr 16029460bc refactor(feed): drop unused aggregate getter, dedupe sender parse 
The sender-in-title rendering reads the FeedConfig DTO via the read
model, so the Feed.senderInTitle getter had no consumer — remove it.
In buildFeed, parse the from-address once and reuse it for both the
title prefix and the author; drop the dead `?? email.from` fallback
(parseFromAddress already returns the address as the name).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-25 15:52:51 +02:00
Julien Herr 82a4bd8341 feat(api): expose app version in /api/v1/stats 
Add version to StatsResponse and getStats so the canonical public
monitoring endpoint reports the running build alongside the footer
and /health.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-25 15:50:45 +02:00
Julien Herr e86beeeb8a feat(feed): optional per-feed sender-in-title toggle 
Add a per-feed senderInTitle flag (domain FeedState.senderInTitle ↔
FeedConfig.sender_in_title). When set, the feed generator prefixes each
entry title with [Sender] (display name, falling back to the address).
Exposed as an admin edit-form checkbox and across the REST API
create/update/response schemas.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-25 15:48:31 +02:00
Julien Herr 7086526670 feat(admin): display running version in footer and /health 
Inline package.json version at bundle time via src/config/version.ts
(resolveJsonModule), surface it in the shared admin/status footer and
add it to the /health JSON so self-hosters can tell which build runs.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-25 15:43:05 +02:00
Julien Herr 70552e5fa6 refactor(admin): reuse dashboard Subscribe chips on feed detail page 
Hoist the shared format chips, expiry pill, and copy icons into admin/ui.tsx
so the feed detail (emails) page renders the same Email + Subscribe block as
the dashboard list, dropping the old per-format rows, W3C validator images,
and the now-dead .feed-validate CSS.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-25 15:20:08 +02:00
Julien Herr 4e3d378850 fix(domain): cut confirmation false positives via weak subscribe signal 
A "manage subscription" / "subscribe" footer link is now a weak (+1) URL
signal instead of strong (+2), so an ordinary newsletter with a stray body
keyword (active/valid) no longer crosses the detection threshold. A genuine
"confirm your subscription" subject + a bare /subscribe link still passes.
Also dedupe surfaced links. Adds false-positive + recall + dedupe tests.
 2026-05-25 10:58:20 +02:00
Julien Herr 421430632e test: cover plaintext confirmation, table-view pill, emails-page banner 2026-05-25 10:57:46 +02:00
Julien Herr 5f05068449 refactor(domain): slim detectConfirmation contract 
Return the ranked links directly (string[] | null) instead of an unused
{score, links} wrapper, and drop the redundant hasKeyword helper in favor
of matchesAny(_, KEYWORDS). No behavior change.
 2026-05-25 10:50:06 +02:00
Julien Herr fc86b5f7d1 refactor(infra): simplify toListItemDTO pendingConfirmation projection 2026-05-25 09:22:01 +02:00
Julien Herr 0929d4f0b7 docs: subscription confirmation surfacing + TODO bookkeeping 2026-05-25 09:18:34 +02:00
Julien Herr 4d47ca623b style(admin): confirmation badge, pill, banner, section 2026-05-25 09:16:24 +02:00
Julien Herr 7019800769 feat(admin): land on feed emails page after creation 2026-05-25 09:14:48 +02:00
Julien Herr f44c6c1eda feat(admin): dashboard pending-confirmation pill 2026-05-25 09:12:27 +02:00
Julien Herr 1525b36cab feat(admin): surface confirmation link, badge, banner + dismiss 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-25 09:08:30 +02:00
Julien Herr c4d591b962 feat(ingest): detect and mark confirmation emails 2026-05-25 09:04:36 +02:00
Julien Herr 36d58ade48 feat(infra): project pendingConfirmation into feeds:list 
saveMetadata now also upserts the list entry so the pendingConfirmation
flag is reflected in the dashboard without an extra per-feed KV read.
toListItemDTO gains an optional third parameter for the flag.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-25 09:02:16 +02:00
Julien Herr 79bb4902b9 feat(domain): pendingConfirmation flag on the Feed aggregate 2026-05-25 08:58:26 +02:00
Julien Herr d561b6b81f feat(infra): extractLinks for confirmation detection 2026-05-25 08:55:24 +02:00
Julien Herr e4e3d62f5a refactor(domain): clearer diacritics escape + hasKeyword boolean 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-25 08:38:46 +02:00
Julien Herr f2e0353438 feat(domain): confirmation-email detection service 2026-05-25 08:36:54 +02:00
Julien Herr 6bf11493ab docs(plan): subscription confirmation surfacing implementation plan 
11 TDD tasks: domain detection service, extractLinks, types + aggregate
flag, feeds:list projection, ingestion wire-in, admin UI (detail section,
list badge, banner, dismiss), dashboard pill, post-creation redirect,
styles, docs/TODO bookkeeping, green close.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-25 08:33:57 +02:00
Julien Herr 5b54659b4d docs(spec): subscription confirmation surfacing design 
Brainstormed design for detecting newsletter confirmation emails at
ingestion, marking them, and surfacing the confirmation link in the admin
(detail section, list badge, dashboard pill, emails-page banner). v1 does
no outbound request; server on-detect actions deferred.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-25 08:29:11 +02:00
Julien Herr 0488b9d066 docs(todo): add multi-user, change-admin-password & admin-managed API tokens 
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-25 08:00:53 +02:00
Julien Herr 2a3aeb8a18 feat(admin): link email detail to its public entry page 
Add a "Public page" link next to the Rendered/Raw toggle in the admin
email view, opening the standalone /entries/:feedId/:entryId render.
Centralize the entry route shape in a pure entryPath() builder, used by
both the admin link and the RSS/Atom/JSON feed generator.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-24 23:26:16 +02:00
Julien Herr b3a979fd03 feat(admin): per-feed Subscribe chips with copy/open/validate for RSS/Atom/JSON 
Replace the stacked RSS/Atom URL rows in the dashboard with a compact
"Subscribe" chip block exposing all three feed formats — including JSON
Feed, previously absent from the admin UI. Each chip carries copy, open,
and validate actions; validation links to the W3C Feed Validator (RSS/Atom)
and validator.jsonfeed.org (JSON). The Table view's RSS+Atom columns fold
into a single Formats column.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-24 23:08:27 +02:00
Julien Herr 1a4a479190 feat: decouple read FeedId from inbound MailboxId 
Separate the two feed identities so the public read URL never reveals the
inbound address and vice-versa:

- FeedId becomes an opaque high-entropy token (read id + KV key); MailboxId
  (noun.noun.NN) owns the inbound address and the untrusted-input boundary
  via MailboxId.parse. They map only through the inbound:<mailbox> secondary
  index, resolved solely at reception.
- inbound index lifecycle is owned by FeedRepository: written by save/saveConfig,
  dropped by removeFromList(Bulk) — symmetric, never mirrored by hand (removes the
  manual delete in feed-service + the cron loop, and a silent empty-catch).
- Feed.mailboxId exposes a MailboxId VO (symmetry with Feed.id); the
  mailbox@domain shape lives on MailboxId.emailAddress(domain).
- Distinguish mailbox_unknown (no feed claims the address) from feed_not_found
  (dangling index) for observability; both forwardable, both 404.
- Drop the redundant EmailParser.extractMailbox pass-through so MailboxId.parse
  is the single parse boundary.

Docs (README/INSTALL/CLAUDE.md/landing) and tests updated; 439 tests green,
tsc clean, build dry-run OK.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-24 22:46:37 +02:00
Julien Herr f7f10779bc docs(todo): add JSON Feed v1.1 upgrade + version/update/instances items 
- JSON Feed v1.1: post-process .json1() output (lib issue #139 closed
  not-planned, stays on version/1) — set version 1.1, authors[], language
- Display running version (admin/status/health), bundled from package.json
- Notify when a newer GitHub Release exists (cached check, opt-out-able)
- Opt-in instance telemetry: central counter and/or public directory,
  privacy-first (off by default, no PII, "count me but don't list me")

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-24 20:58:44 +02:00
Julien Herr 0abd5f306c feat: reader-compat batch — JSON Feed, OPML export, conditional GET, dedup 
Batch of four reader-facing improvements (TODO "Compat lecteurs + dedup"):

- JSON Feed at /json/:feedId (feed lib .json1()); all formats cross-link
- OPML export at /admin/opml (admin-protected; the registry lists every
  feed URL, so it must not be public)
- Conditional GET on /rss + /atom: strong ETag + Last-Modified, 304 on
  If-None-Match/If-Modified-Since, validators shared via http-cache.ts
- Duplicate-send dedup in ingestion: match by Message-ID, fall back to a
  SHA-256 of normalized subject+content; a duplicate is a no-op and bumps
  the new emails_deduplicated counter (status page + /api/v1/stats)

429 tests green, tsc clean, build dry-run OK. Docs (README/CLAUDE/TODO +
landing cards) updated.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-24 20:47:54 +02:00
Julien Herr 334713fbd9 docs(todo): add pluggable runtime/storage/ingestion epic (off-Cloudflare) 
Catalog the Clever Cloud + Sweego portability epic: adapter matrix,
seven independently-deliverable sub-tasks, open questions, scope, and
acceptance criteria for keeping CF-native and self-host profiles
behavior-equivalent from one codebase.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-24 17:52:01 +02:00
78 changed files with 7695 additions and 454 deletions
Expand all files Collapse all files
.github/workflows/release.yml
+18
View File
@@ -21,6 +21,24 @@ jobs:
- run: npm ci
# The tag is the source of truth for a release version. main always carries
# a `-develop` pre-release suffix, so strip it here (in the ephemeral CI
# checkout only — never committed) so the built bundle reports the bare
# X.Y.Z. Guard against tagging the wrong commit: the tag's base must match
# package.json's base version.
- name: Align package.json version to the tag
env:
TAG_NAME: ${{ github.ref_name }}
run: |
VERSION="${TAG_NAME#v}"
PKG_BASE="$(node -p 'require("./package.json").version.split("-")[0]')"
if [ "$VERSION" != "$PKG_BASE" ]; then
echo "Tag $TAG_NAME (base $VERSION) does not match package.json base ($PKG_BASE)." >&2
echo "Tag the commit whose package.json is ${VERSION}-develop." >&2
exit 1
fi
npm version "$VERSION" --no-git-tag-version --allow-same-version
- run: npm run build
- name: Locate bundled output
CLAUDE.md
+39 -17
View File
@@ -32,7 +32,7 @@ Work **test-first (TDD)** and **domain-driven (DDD)** in this repo — both are
**TDD.** Write or extend a test before/with the change, then make it pass. Mirror the existing test layout (`*.test.ts` next to the source, `createMockEnv()` from `src/test/setup.ts`, MSW for outbound HTTP). End every change green: `npx tsc --noEmit`, `npm test`, and `npm run build` (dry-run deploy) must all pass before declaring done.
**DDD.** Before adding logic, check whether the domain already models the concept — reach for the value objects in `src/domain/value-objects/` (`EmailAddress`, `Domain`, `FeedId`, `Lifetime`, `SenderPolicy`) and the `Feed` aggregate rather than re-deriving things ad hoc. New behavior belongs on the type that owns the data (e.g. "sender site URL" lives on `EmailAddress`, not in a helper). Respect the layering and aggregate rules below — imports point inward (routes → application → domain; infrastructure implements ports), and never reach across a layer for convenience (e.g. importing a favicon/infra helper just to parse a domain). When the same derivation appears twice, that's the signal to push it onto a domain type.
**DDD.** Before adding logic, check whether the domain already models the concept — reach for the value objects in `src/domain/value-objects/` (`EmailAddress`, `Domain`, `FeedId`, `MailboxId`, `Lifetime`, `SenderPolicy`) and the `Feed` aggregate rather than re-deriving things ad hoc. New behavior belongs on the type that owns the data (e.g. "sender site URL" lives on `EmailAddress`, not in a helper). Respect the layering and aggregate rules below — imports point inward (routes → application → domain; infrastructure implements ports), and never reach across a layer for convenience (e.g. importing a favicon/infra helper just to parse a domain). When the same derivation appears twice, that's the signal to push it onto a domain type.
## Architecture
@@ -46,11 +46,13 @@ Single Cloudflare Worker built with Hono. Routes:
| `GET /api/v1/stats` | Public monitoring counters (JSON, CORS); canonical stats endpoint |
| `GET /api/openapi.json` | OpenAPI 3.1 spec (public) |
| `GET /api/docs` | Rendered API reference (Scalar, public) |
| `GET /rss/:feedId` | Public RSS 2.0 feed |
| `GET /atom/:feedId` | Public Atom feed (with WebSub hub header) |
| `GET /rss/:feedId` | Public RSS 2.0 feed (conditional GET: ETag/Last-Modified/304) |
| `GET /atom/:feedId` | Public Atom feed (WebSub hub header; conditional GET ETag/304) |
| `GET /json/:feedId` | Public JSON Feed |
| `GET /entries/:feedId/:entryId` | Individual email HTML view |
| `GET /files/:attachmentId/:filename` | R2 attachment serving |
| `GET /admin` | Password-protected admin UI |
| `GET /admin/opml` | OPML export of all feeds (admin-protected) |
| `/hub` | WebSub hub (subscribe/publish) |
| `GET /favicon.svg`, `/favicon.ico` | Project favicon (envelope logo); fallback for per-feed favicons |
| `GET /favicon/:feedId` | Per-feed favicon from the last sender's domain (falls back to project) |
@@ -73,7 +75,8 @@ src/
events.ts # FeedEvent union (FeedCreated, EmailIngested) — each carries its feedId
email-parser.ts # Email parsing (addresses, headers, encoded words)
format.ts # Pure formatting helpers (formatBytes)
value-objects/ # FeedId, EmailAddress, Domain, SenderPolicy, Lifetime (immutable, self-validating)
native-feed.ts # Detect a newsletter's self-advertised Atom/RSS/JSON feed (pure)
value-objects/ # FeedId (opaque read id), MailboxId (inbound noun.noun.NN), EmailAddress, Domain, SenderPolicy, Lifetime (immutable, self-validating)
application/ # Use-cases / orchestration (wires domain + infrastructure)
feed-service.ts # createFeedRecord / editFeedDetails / editFeed / deleteFeedRecord (admin UI + REST API)
feed-cleanup.ts # Feed/email storage cleanup: purgeFeedKeysStep, collectUnsubscribeUrls, attachment+key deletion
@@ -94,7 +97,8 @@ src/
worker.ts # Typed worker / waitUntil helper
attachments.ts # R2 bucket accessor
favicon-fetcher.ts # Outbound favicon fetch + cache (uses IconRepository)
feed-generator.ts # RSS/Atom XML generation
feed-generator.ts # RSS/Atom/JSON Feed XML+JSON generation
http-cache.ts # Conditional-GET validators (ETag/Last-Modified) for feed routes
html-processor.ts # Email HTML sanitization / inline cid: rewriting
websub.ts # WebSub subscription management + delivery
unsubscribe.ts # RFC 8058 one-click unsubscribe dispatch
@@ -103,6 +107,8 @@ src/
inbound.ts # ForwardEmail webhook handler
rss.ts # RSS feed renderer
atom.ts # Atom feed renderer
json.ts # JSON Feed renderer
opml.ts # OPML export of all feeds (admin-protected handler)
entries.ts # Single email HTML view
files.ts # R2 attachment serving
hub.ts # WebSub hub
@@ -134,17 +140,20 @@ src/
All data lives in the `EMAIL_STORAGE` KV namespace:
| Key | Value |
| --------------------------- | ---------------------------------------------------------------------------------------------- |
| `feeds:list` | `{ feeds: Array<{ id, title, description?, expires_at? }> }` |
| `feed:<feedId>:config` | `FeedConfig` |
| `feed:<feedId>:metadata` | `{ emails: Array<{ key, subject, receivedAt, size?, attachmentIds?, inlineAttachmentIds? }> }` |
| `feed:<feedId>:<timestamp>` | Full `EmailData` |
| `websub:subs:<feedId>` | `WebSubSubscription[]` (per-feed subscriber list) |
| `icon:<domain>` | Cached favicon record (base64 + content type; negative entries allowed) |
| `stats:counters` | `Counters` (cumulative monitoring counters singleton) |
| Key | Value |
| --------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `feeds:list` | `{ feeds: Array<{ id, title, description?, mailbox_id?, expires_at? }> }` |
| `feed:<feedId>:config` | `FeedConfig` |
| `feed:<feedId>:metadata` | `{ emails: Array<{ key, subject, receivedAt, size?, attachmentIds?, inlineAttachmentIds? }>, nativeFeeds?: Record<string, NativeFeed[]>, nativeFeedDismissed?: boolean }` |
| `feed:<feedId>:<timestamp>` | Full `EmailData` |
| `inbound:<mailboxId>` | The feed id this inbound address (`noun.noun.NN`) routes to (resolved only at reception) |
| `websub:subs:<feedId>` | `WebSubSubscription[]` (per-feed subscriber list) |
| `icon:<domain>` | Cached favicon record (base64 + content type; negative entries allowed) |
| `stats:counters` | `Counters` (cumulative monitoring counters singleton) |
The KV key schema lives in `src/domain/feed-keys.ts` (pure, framework-agnostic) — never inline a `feed:`/`feeds:list`/`websub:`/`icon:`/`stats:counters` key string anywhere else. KV access is owned by four repository **adapters** in `src/infrastructure/`, each for one concern: `FeedRepository` (the Feed aggregate + global list + email bodies), `IconRepository` (`icon:*`), `WebSubSubscriptionRepository` (`websub:subs:*`), and `CountersRepository` (`stats:counters`). Go through a repository, never `env.EMAIL_STORAGE.get/put` directly. The domain depends only on the key schema, not on these adapters.
`feedId` is an **opaque random token** — the feed's identity, its KV storage key, and the public read id (`/rss/:feedId`). It is **decoupled** from the inbound email address: each feed also has a friendly `MailboxId` (`noun.noun.NN`) whose only mapping to the feed is the `inbound:<mailboxId>` secondary index, read **only** at email reception. So the feed's read URL never reveals its inbound address and vice-versa; reading `/rss/<noun.noun.NN>` 404s.
The KV key schema lives in `src/domain/feed-keys.ts` (pure, framework-agnostic) — never inline a `feed:`/`feeds:list`/`inbound:`/`websub:`/`icon:`/`stats:counters` key string anywhere else. KV access is owned by four repository **adapters** in `src/infrastructure/`, each for one concern: `FeedRepository` (the Feed aggregate + global list + email bodies), `IconRepository` (`icon:*`), `WebSubSubscriptionRepository` (`websub:subs:*`), and `CountersRepository` (`stats:counters`). Go through a repository, never `env.EMAIL_STORAGE.get/put` directly. The domain depends only on the key schema, not on these adapters.
### Domain & layering rules
@@ -153,11 +162,12 @@ The KV key schema lives in `src/domain/feed-keys.ts` (pure, framework-agnostic)
- **The domain never speaks the storage dialect.** The aggregate holds its config as domain `FeedState` (camelCase), never the snake_case `FeedConfig` DTO. The translation `FeedState ↔ FeedConfig/FeedListItem` lives in `infrastructure/feed-mapper.ts` — the only place outside the HTTP edge that knows the persisted field names. `FeedRepository.load` maps DTO→state on the way in; `save`/`saveConfig` map state→DTO on the way out.
- **The aggregate never exposes its raw state.** It has no `state`/`metadata` getters (a shallow `Readonly<…>` would still leak mutable arrays). Read named accessors (`title`, `expiresAt`, `emails`, `allowedSenders()`, …) which return copies; the repository reads `state()`/`toMetadataSnapshot()` (copies) and runs them through the mapper.
- **One edit path.** `edit(patch, { lifetime? })` is the single mutation for config. A `Lifetime` VO is resolved by the application (env `FEED_TTL_HOURS` override + client request); its **presence recomputes expiry, its absence preserves it** — which is exactly the dashboard's title/description quick-edit (no lifetime passed). It rejects an already-expired feed, so a quick-edit can no more touch an expired feed than a full edit can.
- **`feeds:list` stays in sync automatically.** `FeedRepository.save`/`saveConfig` upsert the registry entry via `toListItemDTO(feed.id, feed.state())` — services never mirror title/description/expiry into the list by hand.
- **`feeds:list` and the `inbound:` index stay in sync automatically.** `FeedRepository.save`/`saveConfig` upsert the registry entry via `toListItemDTO(feed.id, feed.state())` _and_ write the `inbound:<mailbox> → feedId` index — services never mirror title/description/expiry into the list by hand. Symmetrically, `removeFromList`/`removeFromListBulk` drop the inbound index (the mailbox is cached on the list item) — so the index lives outside the `feed:<id>:` prefix the key purge sweeps, but is still cleared wherever a feed leaves the list (`deleteFeedRecord`, bulk admin delete, the cron). `deleteFeedFastDetailed` only removes config+metadata; it does **not** touch the index.
- Read-only RSS/Atom rendering uses the `feed-fetcher` read model, not the aggregate (no invariant to enforce on the hot path).
- KV has no multi-key transaction; the aggregate is the seam a future Durable Object would wrap to serialise concurrent ingests (see `email-processor.ts`).
- **Side effects via domain events.** Mutations with consequences record a `FeedEvent` (`FeedCreated`, `EmailIngested`), each carrying its own `feedId`. After persisting, the caller hands the aggregate to `application/feed-events.dispatchFeedEvents(feed, env, schedule)` — the single dispatch entry point that drains `pullEvents()` and runs the counters/WebSub/favicon. Don't pull events or thread the feed id by hand at call sites. Side effects with no aggregate mutation (a rejected email, feed deletion that bypasses the aggregate, bulk admin ops, the cron) stay imperative — they have no event to ride on.
- **`FeedId` flows through the layers.** It is the identity type taken by the domain (`Feed.id`), the application use-cases (`editFeed`, `editFeedDetails`, `deleteFeedRecord`, `fetchFeedData`, the cleanup steps) and the infrastructure repositories/services (`FeedRepository`, `WebSubSubscriptionRepository`, `notifySubscribers`, …). Mint it **once** at the edge — `FeedId.parse(address)` for inbound email (validates), `FeedId.unchecked(param)` at the HTTP edge (no revalidation: a bad id just misses in KV and 404s), `FeedId.generate()` for a new feed — then pass the VO inward. Unwrap to `.value` (string) only at the true serialisation edges: URL builders (`urls.ts`), XML generation (`feed-generator.ts`), the KV key schema (`feed-keys.ts`), logs and JSON responses.
- **`FeedId` flows through the layers.** It is the identity type taken by the domain (`Feed.id`), the application use-cases (`editFeed`, `editFeedDetails`, `deleteFeedRecord`, `fetchFeedData`, the cleanup steps) and the infrastructure repositories/services (`FeedRepository`, `WebSubSubscriptionRepository`, `notifySubscribers`, …). Mint it **once** at the edge — `FeedId.generate()` (opaque) for a new feed, `FeedId.unchecked(param)` at the read/HTTP edge (no revalidation: a bad id just misses in KV and 404s) — then pass the VO inward. Unwrap to `.value` (string) only at the true serialisation edges: URL builders (`urls.ts`), XML generation (`feed-generator.ts`), the KV key schema (`feed-keys.ts`), logs and JSON responses.
- **`FeedId` (read) vs `MailboxId` (write) are distinct identities.** `MailboxId` (`noun.noun.NN`) owns the inbound address and the untrusted-input boundary: `MailboxId.parse(address)` at reception is the only place an external string becomes a mailbox. Ingestion then resolves it to the feed via `FeedRepository.resolveInbound(mailbox)` and loads by the resulting `FeedId`. The mailbox is an attribute of the feed (held on `FeedState.mailboxId`, exposed as `Feed.mailboxId: MailboxId`, persisted as `mailbox_id`, projected into `feeds:list`); the `mailbox@domain` shape lives on the VO (`MailboxId.emailAddress(domain)`), with `urls.feedEmailAddress` only resolving the env domain. Never derive one id from the other — the decoupling is the privacy guarantee.
### Worker bindings (`Env`)
@@ -191,6 +201,18 @@ MSW (`msw/node`) handles external HTTP mocks. Tests that hit validation paths in
- `ADMIN_PASSWORD` is set via `wrangler secret put` — never in config files
- Keep `compatibility_date` current on runtime upgrades
## Releasing (read before cutting a release)
`package.json` `version` is inlined at build time as `APP_VERSION` (`src/config/version.ts`) and surfaced in the admin/status footer, `/health`, and `/api/v1/stats`. **`main` always carries a `-develop` pre-release suffix** (e.g. `0.3.0-develop`) so a dev build is never mistaken for a shipped one.
When asked to "release X.Y.Z", the **git tag is the source of truth** — do **not** commit a bare `X.Y.Z` to `main`:
1. Confirm `main`'s `package.json` reads `X.Y.Z-develop` (its base must match the release). If you're bumping the target, that's a separate `-develop` bump.
2. `git tag vX.Y.Z && git push origin vX.Y.Z` — the Release workflow (`.github/workflows/release.yml`) strips the `-develop` suffix in its ephemeral checkout, builds the bundle reporting the bare `X.Y.Z`, and publishes the GitHub Release. It **fails fast** if the tag base ≠ `package.json` base (wrong-commit guard).
3. After the release, reopen the next cycle: `npm version <next>-develop --no-git-tag-version` on `main` (next minor by default, or `X.Y.Z+1-develop` for a patch line), then commit + push.
Full flow lives in [CONTRIBUTING.md](CONTRIBUTING.md) under "Releasing".
## When changing behavior
**Always document evolutions** — treat docs as part of the change, not a follow-up. When you add or change a feature, update the relevant docs in the same change:
CONTRIBUTING.md
+28
View File
@@ -72,6 +72,34 @@ docs(readme): add Continuous deployment section
Common types: `feat`, `fix`, `refactor`, `docs`, `test`, `chore`.
## Releasing
The running version is read from `package.json` `version` and inlined at build
time (footer, `/health`, `/api/v1/stats`). `main` **always** carries a
`-develop` pre-release suffix (e.g. `0.3.0-develop`) so a dev build is never
mistaken for a shipped one — `0.3.0-develop` sorts _below_ `0.3.0` per SemVer,
meaning "heading toward 0.3.0, not yet released".
**The git tag is the source of truth for a release version**, not a commit on
`main`. The Release workflow (`.github/workflows/release.yml`) triggers on a
`v*` tag, strips the `-develop` suffix in its ephemeral checkout so the published
bundle reports the bare `X.Y.Z`, then builds and creates the GitHub Release. It
fails fast if the tag's base doesn't match `package.json`'s base version, which
catches tagging the wrong commit. You never commit a bare `X.Y.Z` to `main`.
To cut release `X.Y.Z` (its base must equal `main`'s current `X.Y.Z-develop`):
```bash
git tag vX.Y.Z && git push origin vX.Y.Z # the workflow aligns + builds + publishes
```
Then reopen the next cycle on `main`:
```bash
npm version <next>-develop --no-git-tag-version # e.g. 0.4.0-develop (or 0.3.1-develop for a patch line)
# commit + push
```
## Reporting bugs and requesting features
Open an issue at
INSTALL.md
+29
View File
@@ -114,6 +114,26 @@ Scope the token to the relevant **account** and, for custom domains, the relevan
- Keep `compatibility_date` fresh when doing runtime upgrades.
- `ADMIN_PASSWORD` is a Cloudflare Worker secret, not a plain env var in config.
### Native feed detection
When an incoming email's HTML advertises the newsletter's own syndication feed via `<link rel="alternate" type="application/atom+xml|rss+xml|feed+json">`, the worker captures those URLs at ingestion and shows them per feed — no configuration required:
- **Email detail page** — a "Native feeds" chip group lists each discovered feed URL with a copy button.
- **Feed dashboard** — a "Native feed available" pill signals that the source publishes its own feed.
- **Emails page banner** — a dismissable banner prompts you to subscribe to the source directly; once dismissed it stays hidden.
- **REST API** — the read-only `nativeFeeds` array on `GET/POST/PATCH /api/v1/feeds` exposes the same data for automation.
### Subscription confirmation
When a newsletter sends a "confirm your email" message, the worker detects it at ingestion using multilingual keyword matching and link scoring. Detected emails are automatically flagged and surfaced throughout the admin UI:
- **Email detail page** — a dedicated "Confirm your subscription" section appears at the top with a primary button linking directly to the confirmation URL.
- **Email list** — a "Confirmation" badge appears next to the subject so pending confirmations stand out at a glance.
- **Feed dashboard** — a "Confirmation pending" pill on the feed card signals that action is needed.
- **Emails page banner** — a dismissible banner with a "Mark as confirmed" button lets you clear the flag once you've clicked the link.
**v1 performs no outbound request.** The admin clicks the confirmation link themselves in their browser; the worker only detects and surfaces it. Server-side on-detect actions (auto-click from the worker, or forwarding the original email to a fallback address) are planned for a future version.
### Catch-all fallback forwarding
By default, inbound mail that doesn't match a feed is dropped (logged, then discarded). If you want to point a domain's **catch-all** at this worker without losing your personal mail, set an optional fallback address — non-feed mail is forwarded there instead of dropped:
@@ -137,6 +157,15 @@ What gets forwarded vs dropped:
Expired feeds and blocked senders are dropped on purpose, so a real newsletter never leaks into your fallback inbox. Leave the variable unset to keep the original drop-and-log behavior.
### Inbound address vs feed URL
Each feed has **two independent identifiers**, on purpose:
- a friendly **inbound address** you subscribe newsletters with — `noun.noun.NN@yourdomain.com` (e.g. `apple.mountain.42@yourdomain.com`);
- an **opaque feed URL** for your reader — `https://yourdomain.com/rss/<random-id>` (also `/atom/<id>`, `/json/<id>`).
They are not derivable from each other. This means you can hand someone a feed URL without revealing the address that feeds it, and an address harvested by a newsletter sender can't be turned into your feed (requesting `/rss/<your-address>` returns 404). The admin dashboard shows both per feed; copy the address into signup forms and the feed URL into your reader. (Internally the inbound address is mapped to the feed by an `inbound:<address>` KV entry, resolved only when mail arrives.)
### Feed size limit
By default the worker keeps emails until the feed's stored data exceeds **512 KB**, then drops the oldest entries (and their KV records) to stay under the limit. This is more robust than a fixed entry count for HTML-heavy newsletters.
README.md
+16 -5
View File
@@ -16,15 +16,24 @@ kill-the-news keeps the same workflow while avoiding shared domains and shared d
- Bulk feed/email deletion from the admin dashboard (safe checkbox-based flow)
- Inline double-confirm delete interactions with toast feedback in the admin dashboard
- Resizable + sortable table columns in the admin dashboard (Table view)
- Per-feed "Subscribe" chips in the admin dashboard — copy, open, or validate the feed in one click for each of RSS, Atom, and JSON Feed (validation via the W3C Feed Validator and validator.jsonfeed.org)
- Unique newsletter addresses per feed (for example `apple.mountain.42@yourdomain.com`)
- **Separate inbound address and feed URL** — the address you subscribe with (`apple.mountain.42@yourdomain.com`) and the public feed URL (`/rss/<opaque-id>`) use **independent** ids, so you can share a feed without leaking the address that feeds it, and an address harvested by a newsletter can't be used to read your feed (`/rss/<your-address>` 404s)
- Cloudflare Email Workers ingestion (no third-party service)
- ForwardEmail webhook ingestion with source-IP verification (optional alternative)
- Optional per-feed sender allowlist (`email@domain.com` or `domain.com`)
- Optional per-feed "sender in title" toggle — renders each entry as `[Sender] Subject` for at-a-glance scanning in your reader
- RSS generation on demand (`/rss/:feedId`)
- Atom feed at `/atom/:feedId`
- JSON Feed at `/json/:feedId` (natively consumed by NetNewsWire, Reeder, NewsBlur, Feedly)
- Bandwidth-friendly polling: RSS/Atom send a strong `ETag` + `Last-Modified` and answer `304 Not Modified` on conditional requests
- Duplicate-send dedup: a newsletter delivered twice (matched by `Message-ID`, then by a content hash) is stored once
- OPML export of all feeds at `/admin/opml` (admin-protected) for one-click bulk import into any reader
- Reader-friendly output: relative links/images absolutized to the sender's site, lazy-loaded images promoted (`data-src``src`), plain-text feed titles, and XML-illegal control characters stripped so feeds parse in strict readers
- Per-feed favicon derived from the last sender's domain (`/favicon/:feedId`), cached and shown in feeds + admin
- Automatic RFC 8058 one-click unsubscribe when a feed is deleted — stops newsletters from mailing the now-dead address
- **Subscription confirmation surfacing** — at ingestion the worker detects "confirm your subscription" emails (multilingual keyword + link scoring) and surfaces them in the admin: a dedicated section with a primary "Confirm subscription" button on the email detail page, a "Confirmation" badge in the email list, a "Confirmation pending" pill on the dashboard, and a banner on the feed's emails page with a "Mark as confirmed" dismiss button; v1 surfaces the link only — no outbound request is made
- **Native feed detection** — when a newsletter advertises its own RSS/Atom/JSON feed via `<link rel="alternate">` in the email HTML, KTN surfaces it in the admin (a "Native feeds" chip group on the email detail page, a dashboard pill, and a dismissable banner) and on the REST API (`nativeFeeds` field), so you can subscribe to the source directly
- Email attachments stored in Cloudflare R2 and exposed as RSS enclosures (optional)
- Cloudflare KV storage for feed config + email metadata/content
- Password-protected admin UI
@@ -41,9 +50,9 @@ Two ingestion methods are supported — pick one or use both:
Common path:
1. Incoming email arrives at `user@yourdomain.com`.
2. The Worker resolves the feed from the recipient address and stores the email in KV.
3. `https://yourdomain.com/rss/:feedId` renders RSS from stored items.
1. Incoming email arrives at `apple.mountain.42@yourdomain.com` (the feed's inbound address).
2. The Worker resolves the feed from the recipient address (via the `inbound:` index) and stores the email in KV.
3. `https://yourdomain.com/rss/<opaque-feed-id>` renders RSS from stored items — note the feed id is a separate opaque token, not the inbound address.
4. `/admin` provides feed management and email deletion.
5. `https://yourdomain.com/` shows a public status page with monitoring counters and a link to the admin.
@@ -51,8 +60,10 @@ Main routes:
- `src/lib/cloudflare-email.ts`: Cloudflare Email Workers ingestion
- `src/routes/inbound.ts`: ForwardEmail webhook ingestion
- `src/routes/rss.ts`: RSS rendering
- `src/routes/atom.ts`: Atom feed rendering
- `src/routes/rss.ts`: RSS rendering (with conditional-GET / ETag support)
- `src/routes/atom.ts`: Atom feed rendering (with conditional-GET / ETag support)
- `src/routes/json.ts`: JSON Feed rendering
- `src/routes/opml.ts`: OPML export of all feeds (admin-protected, mounted at `/admin/opml`)
- `src/routes/files.ts`: attachment file serving from R2
- `src/routes/admin.tsx`: admin UI + feed CRUD
- `src/routes/api/`: versioned REST API + OpenAPI spec/docs (`/api/v1/*`, `/api/openapi.json`, `/api/docs`)
TODO.md
+82 -9
View File
@@ -48,9 +48,13 @@ Feature gaps identified by comparing with [kill-the-newsletter](https://github.c
Gaps found by reading every open/closed issue + PR on [kill-the-newsletter](https://github.com/leafac/kill-the-newsletter/issues). These are requests we do **not** yet satisfy (many other recurring requests — dark mode, copy buttons, favicon, expiration, attachments, API, WebSub, sender-in-author — we already cover).
- [ ] `P1·M` **Subscription confirmation handling**_the single most recurring upstream request_ ([#5](https://github.com/leafac/kill-the-newsletter/issues/5), [#23](https://github.com/leafac/kill-the-newsletter/issues/23), [#57](https://github.com/leafac/kill-the-newsletter/issues/57), [#73](https://github.com/leafac/kill-the-newsletter/issues/73), [#89](https://github.com/leafac/kill-the-newsletter/issues/89), [#95](https://github.com/leafac/kill-the-newsletter/issues/95), [#97](https://github.com/leafac/kill-the-newsletter/issues/97)). Newsletters require a "click to confirm your email" step; users can't easily find/click the link buried in a feed reader. Our admin already lists emails, but nothing **surfaces** the confirmation link or shows the first email inline right after feed creation. Low effort, high payoff (admin UX in `src/routes/admin/feeds.tsx` + maybe extract candidate confirm links during ingestion in `src/application/email-processor.ts`).
- [x] `P1·M` **Subscription confirmation handling**_the single most recurring upstream request_ ([#5](https://github.com/leafac/kill-the-newsletter/issues/5), [#23](https://github.com/leafac/kill-the-newsletter/issues/23), [#57](https://github.com/leafac/kill-the-newsletter/issues/57), [#73](https://github.com/leafac/kill-the-newsletter/issues/73), [#89](https://github.com/leafac/kill-the-newsletter/issues/89), [#95](https://github.com/leafac/kill-the-newsletter/issues/95), [#97](https://github.com/leafac/kill-the-newsletter/issues/97)). Newsletters require a "click to confirm your email" step; users can't easily find/click the link buried in a feed reader. Our admin already lists emails, but nothing **surfaces** the confirmation link or shows the first email inline right after feed creation. Low effort, high payoff (admin UX in `src/routes/admin/feeds.tsx` + maybe extract candidate confirm links during ingestion in `src/application/email-processor.ts`).**Shipped:** v1 detects confirmation emails at ingestion (multilingual keyword + link scoring) and surfaces the link in the admin (detail section, list badge, dashboard pill, emails-page banner + dismiss); post-create now lands on the feed's emails page. v1 does no outbound request; server on-detect actions deferred (see below).
- [ ] `P1·M` **Separate write (email) / read (feed) IDs**_most-requested privacy gap, still open upstream_ ([#114](https://github.com/leafac/kill-the-newsletter/issues/114), [#93](https://github.com/leafac/kill-the-newsletter/issues/93), [#75](https://github.com/leafac/kill-the-newsletter/issues/75)). Today `feedEmailAddress = <feedId>@domain` and `/rss/<feedId>` reuse the **same** id (`src/infrastructure/urls.ts`), so anyone with the inbound address can read the feed (and vice-versa) — you can't share a feed without leaking its subscribe address. Add a distinct read id alongside the write id: touch `FeedState`, id generation (`FeedId`), `urls.ts`, the `inbound` parse, and the feed-list/registry. Medium effort.
- [ ] `P2·M` **Confirmation on-detect server action (none / autoclick / forward)** — extend the shipped confirmation detection with a server-configured action via an env var (default `none`): `autoclick` = follow the detected confirm link server-side from the worker (⚠ guard SSRF: http(s) only, block internal/private IP ranges, timeout, no redirect to non-http schemes); `forward` = forward the original email to `FALLBACK_FORWARD_ADDRESS`. Touches `src/application/email-processor.ts`, `Env` (`src/types/index.ts`), `src/infrastructure/cloudflare-email.ts`. — _origin: internal (juherr)_
- [x] `P1·M` **Separate write (email) / read (feed) IDs**_most-requested privacy gap, still open upstream_ ([#114](https://github.com/leafac/kill-the-newsletter/issues/114), [#93](https://github.com/leafac/kill-the-newsletter/issues/93), [#75](https://github.com/leafac/kill-the-newsletter/issues/75)). The two identities are now decoupled: `FeedId` is an **opaque random token** (`FeedId.generate()` → 22-char base64url) used as the KV storage key and the public read id (`/rss/:feedId`), while the inbound address is a separate `MailboxId` VO (`noun.noun.NN`, the old format) resolved to its feed **only at reception** via a new `inbound:<mailboxId>` secondary index (`src/infrastructure/feed-repository.ts` `resolveInbound`). `MailboxId.parse` owns the untrusted-input boundary (moved off `FeedId`); the mailbox lives on `FeedState.mailboxId` / `mailbox_id` and is projected into `feeds:list`. Reading `/rss/<noun.noun.NN>` 404s and no public feed output contains the inbound address. Pre-release, so no migration/backward-compat. — _origin: [ktn#114](https://github.com/leafac/kill-the-newsletter/issues/114), [ktn#93](https://github.com/leafac/kill-the-newsletter/issues/93), [ktn#75](https://github.com/leafac/kill-the-newsletter/issues/75)_
- [ ] `P2·S` **Rotate the inbound mailbox and/or feed id**_follow-up to the write/read separation above_. Now that the inbound address (`MailboxId`) and the read id (`FeedId`) are decoupled, offer an admin + REST action to **re-mint** either one to revoke a leaked subscribe address or a shared feed URL. Rotating the mailbox: generate a new `MailboxId`, write the new `inbound:<new>` index, delete the old; rotating the read id is heavier (it's the KV storage key — would require re-keying `feed:<id>:*`, so prefer rotating only the mailbox first). Touch `feed-service.ts`, `feed-repository.ts`, admin UI, `api/index.ts`. — _origin: internal (privacy)_
- [ ] `P2·M` **Proxy/prefetch remote images** ([#69](https://github.com/leafac/kill-the-newsletter/issues/69)). We already proxy inline `cid:` images via R2, but remote `<img src="https://…">` stay remote → tracking pixels fire on read. Extend `src/infrastructure/html-processor.ts` to rewrite remote image src through a worker proxy/cache endpoint (reuse the R2 + Cache API pattern from favicons).
@@ -58,9 +62,9 @@ Gaps found by reading every open/closed issue + PR on [kill-the-newsletter](http
- [ ] `P2·S` **Strip-styles / plaintext rendering option** ([#74](https://github.com/leafac/kill-the-newsletter/issues/74), [#119](https://github.com/leafac/kill-the-newsletter/issues/119)). Some readers render newsletter HTML/CSS poorly. Offer an opt-in to strip `<style>` + inline styles (keeping links), or to prefer the `text/plain` part. Per-feed setting + `src/infrastructure/html-processor.ts`.
- [ ] `P2·S` **Optional sender in entry title** ([#123 — open PR upstream](https://github.com/leafac/kill-the-newsletter/pull/123), [#124](https://github.com/leafac/kill-the-newsletter/issues/124)). We already emit `<author>`, but some users want `[Sender] Subject` as the entry title for at-a-glance scanning in the reader. Per-feed toggle + `src/infrastructure/feed-generator.ts`.
- [x] `P2·S` **Optional sender in entry title** ([#123 — open PR upstream](https://github.com/leafac/kill-the-newsletter/pull/123), [#124](https://github.com/leafac/kill-the-newsletter/issues/124)). We already emit `<author>`, but some users want `[Sender] Subject` as the entry title for at-a-glance scanning in the reader. Per-feed toggle + `src/infrastructure/feed-generator.ts`.**Shipped:** per-feed `senderInTitle` flag (domain `FeedState.senderInTitle``FeedConfig.sender_in_title`); when set, `buildFeed` prefixes each entry title with `[Sender]` (display name, falling back to the email address). Toggle exposed as an admin edit-form checkbox and on the REST API (`FeedCreate`/`FeedUpdate`/`Feed` schemas).
- [ ] `P2·S` **Detect a newsletter's native Atom/RSS feed**_top item on upstream's own [TODO](https://github.com/leafac/kill-the-newsletter/blob/main/TODO.md), not yet built there_. When an incoming email's HTML contains `<link rel="alternate" type="application/atom+xml">` (or `application/rss+xml`), surface it: "this newsletter already publishes a feed — subscribe to it directly instead." We already parse HTML with linkedom in `src/infrastructure/html-processor.ts`, so detection is cheap; store the discovered URL on the feed and show it in the admin UI / a feed entry. A genuine differentiator — we'd ship it before upstream.
- [x] `P2·S` **Detect a newsletter's native Atom/RSS feed**_top item on upstream's own [TODO](https://github.com/leafac/kill-the-newsletter/blob/main/TODO.md), not yet built there_. When an incoming email's HTML contains `<link rel="alternate" type="application/atom+xml">` (or `application/rss+xml`), surface it: "this newsletter already publishes a feed — subscribe to it directly instead." We already parse HTML with linkedom in `src/infrastructure/html-processor.ts`, so detection is cheap; store the discovered URL on the feed and show it in the admin UI / a feed entry. A genuine differentiator — we'd ship it before upstream.**Shipped:** per-sender detection of `<link rel="alternate">` (Atom, RSS, JSON Feed) in incoming email HTML at ingestion (`src/domain/native-feed.ts` pure detector, wired in `src/application/email-processor.ts`); discovered feeds stored as `nativeFeeds: Record<string, NativeFeed[]>` on the feed metadata; admin detail page shows a "Native feeds" copyable chip group per sender, feed dashboard shows a `pill-native` ("Native feed available") pill, and a dismissable banner on the emails page prompts subscribing at the source (`nativeFeedDismissed` flag); read-only `nativeFeeds: [{ url, type }]` array on the REST `FeedSchema` (`GET`/`POST`/`PATCH /api/v1/feeds`); no change to public RSS/Atom/JSON feed output.
- [x] `P1·S` **`X-Robots-Tag: none` on feed + entry routes** ([#33](https://github.com/leafac/kill-the-newsletter/issues/33)). Private feeds/emails should never be search-indexed. Upstream sets `X-Robots-Tag: none` on its responses; we set a CSP on `/entries` but **no** robots header anywhere. Add `X-Robots-Tag: noindex` to `rss.ts`, `atom.ts`, `entries.ts`, `files.ts` (and optionally a `/robots.txt`). Low effort, real privacy gap.
@@ -70,7 +74,9 @@ Ideas from competitors (Feedbin, Readwise Reader, Inoreader, Omnivore, LetterFee
### Feed-output enrichments (small XML wins — we use the `feed` lib, which already emits `content:encoded`, `atom:link rel="self"`, stable `<guid>`)
- [ ] `P2·S` **JSON Feed 1.1 endpoint** `GET /json/:feedId` **[differentiating, cheap]** — the `feed` lib already supports `.json1()`; we only expose `.rss2()`/`.atom1()` (`src/infrastructure/feed-generator.ts`). Natively consumed by NetNewsWire, Reeder, NewsBlur, Feedly. ~1 route + 1 generator fn._origin: [JSON Feed 1.1 spec](https://www.jsonfeed.org/version/1.1/) (reader ecosystem)_
- [x] `P2·S` **JSON Feed endpoint** `GET /json/:feedId` **[differentiating, cheap]** — the `feed` lib's `.json1()` (emits JSON Feed v1) wired via `generateJsonFeed` in `src/infrastructure/feed-generator.ts`, served at `/json/:feedId` (`src/routes/json.ts`) with `Content-Type: application/feed+json` + WebSub hub `Link`. All three formats cross-link via `feedLinks`. Natively consumed by NetNewsWire, Reeder, NewsBlur, Feedly. — _origin: [JSON Feed 1.1 spec](https://www.jsonfeed.org/version/1.1/) (reader ecosystem)_
- [ ] `P3·S` **Upgrade JSON Feed output to v1.1** **[correctness, niche]** — our `/json/:feedId` emits `version: "https://jsonfeed.org/version/1"` because the `feed` lib's `.json1()` only implements v1, and the upstream request to bump it was **closed as _not planned_** ([jpmonette/feed#139](https://github.com/jpmonette/feed/issues/139)). So a true v1.1 feed needs a small post-process pass on the `.json1()` object in `generateJsonFeed` (`src/infrastructure/feed-generator.ts`): set `version` to `https://jsonfeed.org/version/1.1`, and apply the [v1.1 changes](https://www.jsonfeed.org/version/1.1/#changes-a-name-changes-a) — promote the deprecated top-level/item `author` to `authors` (array), and add the top-level `language` field. Low value (every reader still parses v1) but cheap and removes a spec-compliance footnote. — _origin: [jpmonette/feed#139 (closed, not planned)](https://github.com/jpmonette/feed/issues/139); [JSON Feed 1.1 spec](https://www.jsonfeed.org/version/1.1/)_
- [ ] `P2·M` **Per-item `<category>` + per-feed tags/categories** **[differentiating]** — we set no categories today. Tag entries by sender (or a user-set feed category) so readers (Inoreader, Feedly, NewsBlur) can filter/mute subsets. Pairs with the filtering item below; touches `FeedState`, `feed-generator.ts`. — _origin: [RSS best practices (kevincox)](https://kevincox.ca/2022/05/06/rss-feed-best-practices/); Inoreader/Feedly filtering_
@@ -88,7 +94,7 @@ Ideas from competitors (Feedbin, Readwise Reader, Inoreader, Omnivore, LetterFee
### Reading experience
- [ ] `P2·S` **OPML export** `GET /opml` **[table-stakes, easy]** — export all feeds as an OPML outline so users can bulk-import every feed into their reader in one shot. Every reader imports OPML; strong onboarding/migration win. Pure read over the feed registry. — _origin: reader ecosystem ([NetNewsWire](https://github.com/Ranchero-Software/NetNewsWire/)); Feedbin OPML export_
- [x] `P2·S` **OPML export** `GET /admin/opml` **[table-stakes, easy]** — export all feeds as an OPML 2.0 outline (`<outline type="rss" xmlUrl=…>` per feed, XML-attr-escaped) so users can bulk-import every feed into their reader in one shot. Mounted on the admin Hono app (inherits the admin auth middleware) rather than public, because the registry lists every feed's RSS URL — a public endpoint would leak them all. Returns `Content-Disposition: attachment; filename="feeds.opml"`. Implemented in `src/routes/opml.ts` over `FeedRepository.listFeeds()`. — _origin: reader ecosystem ([NetNewsWire](https://github.com/Ranchero-Software/NetNewsWire/)); Feedbin OPML export_
- [ ] `P2·L` **Full-text search across received emails** **[differentiating]** — admin-side search over subjects + bodies (Omnivore/Feedbin have this). On KV this means an index or scan; consider scope (subject-only first) before building. — _origin: [Omnivore](https://www.timeatlas.com/omnivore-newsletters/); Feedbin search_
@@ -106,13 +112,13 @@ Verified-missing in our code, deduplicated against the sections above. From a co
### Delivery / bandwidth
- [ ] `P2·S` **Conditional GET on feeds (ETag + Last-Modified + 304)** **[table-stakes, easy]** — `rss.ts`/`atom.ts` only send `Cache-Control: max-age=1800`; no validators. Emit a strong `ETag` (hash of the latest entry id + count) and `Last-Modified` (newest `receivedAt`), and return `304 Not Modified` on `If-None-Match`/`If-Modified-Since`. Cuts bandwidth for every polling reader. Generate the ETag _before_ compression. — _origin: internal code audit ([RFC 9110 conditional requests](https://www.rfc-editor.org/rfc/rfc9110#name-conditional-requests))_
- [x] `P2·S` **Conditional GET on feeds (ETag + Last-Modified + 304)** **[table-stakes, easy]** — `rss.ts`/`atom.ts` now emit a strong `ETag` (`"<format>-<feedId>-<count>-<maxReceivedAt>"`) and `Last-Modified` (newest `receivedAt`), and return `304 Not Modified` on matching `If-None-Match`/`If-Modified-Since` before generating any XML. Validators are computed from the loaded `FeedData` (not the rendered bytes) in `src/infrastructure/http-cache.ts` (`computeFeedValidators`/`isNotModified`/`notModifiedResponse`), shared by both routes; rss vs atom get distinct ETags via the format prefix. Cuts bandwidth for every polling reader. — _origin: internal code audit ([RFC 9110 conditional requests](https://www.rfc-editor.org/rfc/rfc9110#name-conditional-requests))_
- [ ] `P3·L` **RFC 5005 paged / archived feeds** **[differentiating, niche]** — readers only ever see the capped current window; older entries vanish. Mark the subscription document `fh:complete` and expose `prev-archive` pages so readers can backfill history. Pairs naturally with our expiring-feed model (an expired feed = a sealed archive). ([RFC 5005](https://www.rfc-editor.org/rfc/rfc5005.html))
### Ingestion robustness
- [ ] `P1·M` **Duplicate-send dedup** **[differentiating]** — the same newsletter resent (or delivered twice) creates two entries today (key = `receivedAt`). Dedup by `Message-ID` first, then a SHA-256 of normalized subject+body within a short window, in `src/application/email-processor.ts`. Fixes the upstream "duplicate posts" complaint ([#31](https://github.com/leafac/kill-the-newsletter/issues/31), [#6](https://github.com/leafac/kill-the-newsletter/issues/6)).
- [x] `P1·M` **Duplicate-send dedup** **[differentiating]** — a newsletter resent (or delivered twice) is now stored once. `storeEmail` (`src/application/email-processor.ts`) computes the `Message-ID` (case-insensitive header lookup) and a SHA-256 of normalized `subject+content`, then asks the aggregate `feed.hasDuplicate(messageId, dedupHash)` (`src/domain/feed.aggregate.ts`): primary match on `Message-ID`, fallback to the content hash when neither side has a Message-ID. A duplicate is a successful no-op (`{ ok: true }`, nothing stored/dispatched) and bumps a new `emails_deduplicated` counter (status page + `/api/v1/stats`). `EmailMetadata` gained additive `messageId?`/`dedupHash?` fields, so pre-feature entries never false-match. Fixes the upstream "duplicate posts" complaint ([#31](https://github.com/leafac/kill-the-newsletter/issues/31), [#6](https://github.com/leafac/kill-the-newsletter/issues/6)).
- [ ] `P3·M` **Calendar (.ics) invite extraction** **[differentiating, novel]** — no email→feed tool does this. Detect `text/calendar` parts, parse the event, and surface it in the entry (summary + an `.ics` enclosure / add-to-calendar link). Useful for event/booking newsletters. — _origin: internal (novel; no external requester)_
@@ -120,7 +126,11 @@ Verified-missing in our code, deduplicated against the sections above. From a co
### Auth & privacy
- [ ] `P2·M` **Scoped / multiple API tokens** **[security]** — the REST API currently accepts the single `ADMIN_PASSWORD` as the bearer (`src/infrastructure/auth.ts`). Add named, independently-revocable tokens (optionally read-only or feed-scoped) so automation doesn't hold the master password. — _origin: internal security audit_
- [ ] `P2·M` **Scoped / multiple API tokens (admin-managed)** **[security]** — the REST API currently accepts the single `ADMIN_PASSWORD` as the bearer (`src/infrastructure/auth.ts`). Add named, independently-revocable tokens (optionally read-only or feed-scoped) that the admin can **create, list, and revoke from the admin UI** (stored hashed in KV, shown once on creation), so automation doesn't hold the master password. The bearer middleware then accepts either `ADMIN_PASSWORD` or any active token; revoking a token is instant. — _origin: internal security audit; juherr (manage API tokens)_
- [ ] `P2·S` **Change the admin password from the UI** **[security]** — today `ADMIN_PASSWORD` is a Worker secret set via `wrangler secret put`, so rotating it means a redeploy. Add an admin-UI action (current password + new password) that stores a hashed password override in KV (e.g. `admin:password`); `src/infrastructure/auth.ts` checks the KV override first and falls back to the `ADMIN_PASSWORD` env secret when unset, so existing installs keep working and the env var becomes the bootstrap/reset default. Pairs with the API-tokens item (same auth surface). — _origin: internal; juherr (change admin password)_
- [ ] `P3·XL` **Multi-user support** **[differentiating]** — today the app is single-admin (one `ADMIN_PASSWORD` guards all feeds; `feeds:list` is global). Support multiple user accounts, each owning a private subset of feeds: per-user credentials/sessions, feed ownership on `FeedState`, per-user feed registry (scope `feeds:list` by owner), and admin scoping across the admin UI + REST API. Big lift — touches auth, the feed registry/key schema, and every admin/API route; depends on the change-password and API-token items as the auth foundation. ⚠ Note the off-Cloudflare epic currently lists "Multi-tenant / multi-domain admin" as out of scope — reconcile that scope boundary before committing. — _origin: internal; juherr (multi-user)_
- [ ] `P2·M` **Token-protected private feeds** **[security, differentiating]** — `/rss` and `/atom` are public-by-obscurity (anyone with the URL reads it). Offer an opt-in `?token=…` (FreshRSS-style) or HMAC-signed, optionally expiring URL (fits our expiring-feed model) so a feed can be truly private and shareable without leaking the inbound address. Complements the _separate write/read IDs_ item above. ([FreshRSS](https://freshrss.github.io/FreshRSS/en/admins/09_AccessControl.html))
@@ -177,3 +187,66 @@ Breakdown of the _"Per-feed favicon from the last sender's domain"_ item above (
- [x] `P2·S` **Expose in outputs** — the icon is referenced from the RSS `<image>` and Atom `<icon>`/`<logo>` in `src/utils/feed-generator.ts`, and rendered next to each feed in the admin list/table (`src/routes/admin.tsx`).
- [x] `P2·S` **Failure handling** — missing/blocked favicons degrade gracefully to the project favicon fallback (negative cache entry); icon fetch errors never surface to ingestion or feed rendering.
## Operability, versioning & ecosystem (2026-05-24)
Self-host operational quality-of-life: knowing which version you run, when to update, and how many people run KTN.
- [x] `P3·S` **Display the running version** **[table-stakes, easy]** — surface the deployed app version (from `package.json` `version`, currently `0.2.1`) somewhere visible: the admin UI footer and/or the public status page (`src/routes/home.tsx`), and ideally the `/health` JSON. Bundle the version at build time (inline the `package.json` version into the Worker, since there's no filesystem at runtime) and render it. Foundation for the update-notification item below. — **Shipped:** `package.json` version is inlined at bundle time via `src/config/version.ts` (`import pkg from "../../package.json"`, `resolveJsonModule`), exposed as `APP_VERSION`; rendered in the shared admin/status footer (`src/routes/admin/ui.tsx` Layout, so both the status page and admin show it), added to the `/health` JSON, and to the canonical monitoring endpoint `/api/v1/stats` (`StatsResponse.version`, public). — _origin: internal_
- [ ] `P3·M` **Notify when an update is available** **[differentiating for self-hosters]** — compare the running version against the latest GitHub Release tag and show a discreet "update available → vX.Y.Z" banner in the admin UI when behind. Fetch `https://api.github.com/repos/<owner>/<repo>/releases/latest` (cache aggressively — Cache API / KV with a long TTL — to respect GitHub rate limits and avoid a call per page load), compare semver against the bundled version. Depends on the "display version" item. Keep it opt-out-able (it makes one outbound call). — _origin: internal_
- [ ] `P3·L` **Public instances directory and/or instance counter (opt-in telemetry)** **[differentiating, ecosystem]** — let a self-hosted instance optionally announce itself to a central registry so we can show a count of live instances (and, if the operator opts in to being listed, a public directory of instances). Each instance periodically pings a central endpoint (on the existing cron) with minimal, **opt-in** data (e.g. an anonymous instance id + version; a public listing would additionally need a name/URL the operator explicitly provides). ⚠ Privacy-first: **off by default**, clearly documented, no PII/feed data ever sent; respect "count me but don't list me". Needs a central collector (a separate tiny Worker + KV/DO) plus an `INSTANCE_TELEMETRY`/`INSTANCE_DIRECTORY` opt-in env on the client side, fired from `index.ts`'s `scheduled` handler. — _origin: internal_
## Epic: Pluggable runtime, storage & ingestion (off-Cloudflare support)
`P2·XL` **Run KTN off Cloudflare from one codebase, adapter-selected by config.** Reference non-CF target: **Clever Cloud** (container + Cellar S3 + a KV/SQL add-on) with **Sweego** inbound for email. — _origin: internal (broader audience / reduced lock-in)_
**Context / motivation.** KTN is Cloudflare-native: Workers runtime, KV + R2 bindings, Email Workers, cron triggers. The v0.2.0 DDD refactor already introduced the seams that make portability tractable — KV access is behind repository adapters (`FeedRepository`, `IconRepository`, `WebSubSubscriptionRepository`, `CountersRepository`), ingestion is transport-agnostic (`processEmail` is decoupled from the CF email handler, and a webhook path `/api/inbound` already exists), HTTP is Hono (runtime-agnostic), and background work is abstracted behind `BackgroundScheduler`. This epic turns those seams into selectable adapters so KTN can run on a plain Node/container host with non-CF storage and email ingestion.
**Goal / outcome.** KTN runs on two reference profiles from one codebase:
- **A — CF-native (today):** Workers + KV + R2 + Cloudflare Email Routing.
- **B — Clever+Sweego:** Node container + Cellar (S3 blob) + KV-store add-on + Sweego inbound webhook + Node scheduler.
Adapter chosen by config (env), no code change. Same test suite green on both.
**Coupling points → adapters.**
| Area | CF-native (today) | New adapter (target B) |
| ------------------ | ------------------------------------------------------ | -------------------------------------------------------------- |
| Runtime/entrypoint | `export default { fetch, email, scheduled }` | Node entrypoint (`@hono/node-server`) + Dockerfile |
| HTTP | Hono (portable) | Hono (no change; abstract CF-only globals) |
| KV store | `KVNamespace` binding | SQL (Postgres/SQLite) or Redis (Materia KV) adapter |
| Blob/attachments | `R2Bucket` binding | S3-compatible (Cellar) via aws4fetch/S3 client |
| Email ingestion | CF Email Worker (`ForwardableEmailMessage`) | Sweego inbound webhook → `/api/inbound` |
| Cron cleanup | CF cron trigger | Node scheduler (node-cron) or external trigger |
| Background | `ctx.waitUntil` (already behind `BackgroundScheduler`) | run-and-await Node impl |
| Config/DI | CF bindings on `Env` | driver-selection layer (`*_DRIVER` envs) wiring repos→backends |
**Sub-tasks (deliverable independently).**
- [ ] `P2·M` **Storage driver abstraction + config layer** — formalize the repository interfaces already implied by `FeedRepository` et al.; add a DI/config layer selecting backends from env. Foundation; no behavior change on CF. — _origin: internal_
- [ ] `P2·M` **Blob adapter: S3-compatible (Cellar)** — put attachments behind a `BlobStore` interface; CF R2 + S3 (aws4fetch, works on Workers and Node). Lowest risk, immediately reusable. — _origin: internal_
- [ ] `P2·L` **KV-store adapter for self-host** — implement the key schema over SQL (recommended: Postgres/SQLite for list-by-prefix semantics) and/or Redis. ⚠ If targeting Materia KV, confirm KTN never relies on `RENAME` (Materia lacks it — see consumer's ADR-0011); audit the single key schema. — _origin: internal_
- [ ] `P2·L` **Node runtime entrypoint + container**`@hono/node-server`, Dockerfile, health endpoint; abstract CF-only globals (`caches`, reliance on `CF-Connecting-IP` in proxy-auth → generalize to `X-Forwarded-For`/trusted-proxy config). — _origin: internal_
- [ ] `P2·L` **Ingestion transport abstraction + Sweego adapter** — generalize `/api/inbound` to provider-agnostic: pluggable payload parser (Sweego JSON → `ProcessEmailInput`, mirroring `parseForwardEmailPayload`) + pluggable webhook auth (HMAC signature / shared secret / IP allowlist). Document that `message.forward()` fallback is CF-Email-Worker-only; on webhook transports, unmatched-mail handling is the provider's concern (Sweego catch-all is isolated to the inbound domain, so the fallback hack isn't needed). — _origin: internal_
- [ ] `P2·M` **Scheduler adapter** — make `feed-cleanup` runnable via a Node scheduler or an authenticated `/internal/cron` endpoint for external triggers. — _origin: internal_
- [ ] `P2·M` **CI matrix + docs** — build/test both targets; INSTALL.md Clever+Sweego profile; deployment guide. — _origin: internal_
**Open questions (resolve before the Sweego adapter sub-task).**
- Sweego inbound: webhook auth mechanism (HMAC? signed header? IP list?), JSON payload schema, and attachment delivery (inline base64 vs URLs vs multipart) — drives the parser + how attachments stream into the blob store.
- Clever KV backend choice: Materia KV (Redis, no `RENAME`) vs Postgres add-on — decide from the key-op audit in the KV-store sub-task.
**Out of scope.**
- Running KTN's own SMTP/MTA server (inbound stays delegated: CF Email Routing, Sweego, or ForwardEmail). No port-25 listener.
- Multi-tenant / multi-domain admin.
**Acceptance criteria.**
- One codebase deploys to both profiles via config only.
- Full vitest suite green on both runtimes.
- Documented end-to-end Clever+Sweego deploy: a newsletter to `noun.noun.NN@<inbound-domain>` lands in a feed; attachments served from Cellar; cleanup cron runs.
- No regression on the CF-native profile.
docs/index.html
+40
View File
@@ -778,6 +778,14 @@
<p>Your emails and feeds live exclusively in your own Cloudflare account. No shared infrastructure, no data mining.</p>
</div>
<div class="feature-card">
<div class="feature-icon">
<svg width="18" height="18" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M12 22s8-4 8-10V5l-8-3-8 3v7c0 6 8 10 8 10z"/><path d="M9 12l2 2 4-4"/></svg>
</div>
<h3>Separate Address &amp; Feed URL</h3>
<p>Your subscribe address and your feed's reading URL are independent, unguessable ids. Share a feed without leaking the inbox that feeds it — and an address a newsletter harvests can never be turned into your feed.</p>
</div>
<div class="feature-card">
<div class="feature-icon">
<svg width="18" height="18" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><line x1="12" y1="1" x2="12" y2="23"/><path d="M17 5H9.5a3.5 3.5 0 0 0 0 7h5a3.5 3.5 0 0 1 0 7H6"/></svg>
@@ -858,6 +866,38 @@
<p>Automate feeds and emails through a versioned REST API, documented with an OpenAPI 3.1 spec and a <a href="https://demo.kill-the.news/api/docs" target="_blank" rel="noopener" style="color:var(--accent)">live interactive reference</a>.</p>
</div>
<div class="feature-card">
<div class="feature-icon">
<svg width="18" height="18" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M4 11a9 9 0 0 1 9 9"/><path d="M4 4a16 16 0 0 1 16 16"/><circle cx="5" cy="19" r="1"/></svg>
</div>
<h3>RSS, Atom &amp; JSON Feed</h3>
<p>Every feed is served in all three formats — RSS 2.0, Atom, and JSON Feed — so it just works in NetNewsWire, Reeder, Feedly, NewsBlur and any other reader. Conditional requests (ETag / 304) keep polling cheap.</p>
</div>
<div class="feature-card">
<div class="feature-icon">
<svg width="18" height="18" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M14 2H6a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V8z"/><polyline points="14 2 14 8 20 8"/><line x1="8" y1="13" x2="16" y2="13"/><line x1="8" y1="17" x2="16" y2="17"/></svg>
</div>
<h3>One-Click OPML Export</h3>
<p>Export all your feeds as an OPML file and bulk-import them into any reader in one shot — easy onboarding, and no lock-in if you ever want to move.</p>
</div>
<div class="feature-card">
<div class="feature-icon">
<svg width="18" height="18" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M22 16.92v3a2 2 0 0 1-2.18 2 19.79 19.79 0 0 1-8.63-3.07A19.5 19.5 0 0 1 4.69 12a19.79 19.79 0 0 1-3.07-8.67A2 2 0 0 1 3.6 1.27h3a2 2 0 0 1 2 1.72c.127.96.361 1.903.7 2.81a2 2 0 0 1-.45 2.11L7.91 8.37a16 16 0 0 0 5.72 5.72l1.17-.94a2 2 0 0 1 2.11-.45c.907.339 1.85.573 2.81.7A2 2 0 0 1 22 16.92z"/><path d="M14.05 2a9 9 0 0 1 8 7.94"/><path d="M14.05 6A5 5 0 0 1 18 10"/></svg>
</div>
<h3>Never Lose a Confirmation Link</h3>
<p>kill-the-news detects "confirm your subscription" emails at ingestion and surfaces the link prominently in the admin — unlike kill-the-newsletter, where the confirm email lands buried in your feed reader and is easily missed.</p>
</div>
<div class="feature-card">
<div class="feature-icon">
<svg width="18" height="18" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M10 13a5 5 0 0 0 7.54.54l3-3a5 5 0 0 0-7.07-7.07l-1.72 1.71"/><path d="M14 11a5 5 0 0 0-7.54-.54l-3 3a5 5 0 0 0 7.07 7.07l1.71-1.71"/></svg>
</div>
<h3>Find the Source Feed</h3>
<p>If a newsletter already publishes RSS, Atom, or JSON Feed, kill-the-news spots it and points you to the original — subscribe at the source directly when you prefer.</p>
</div>
</div>
</section>
docs/superpowers/plans/2026-05-25-native-feed-detection.md
+1328
View File
File diff suppressed because it is too large Load Diff
docs/superpowers/plans/2026-05-25-subscription-confirmation.md
+1393
View File
File diff suppressed because it is too large Load Diff
docs/superpowers/specs/2026-05-25-native-feed-detection-design.md
+178
View File
@@ -0,0 +1,178 @@
# Detect a newsletter's native Atom/RSS/JSON feed — design
_Date: 2026-05-25 · Backlog item: TODO.md "Detect a newsletter's native Atom/RSS feed" (P2·S)_
## Goal
When an incoming newsletter email's HTML advertises its own syndication feed via
`<link rel="alternate" type="…">`, detect it and surface it to the admin:
"this newsletter already publishes a feed — you can subscribe to it directly."
A genuine differentiator: it is the top item on upstream kill-the-newsletter's
own TODO and is not built there. Per the user, detect **Atom, RSS, and JSON Feed**.
## Approach
Reuse the existing, proven pipeline — identical to the **confirmation-detection**
feature and the **per-sender unsubscribe** storage:
infra parses the HTML → a **pure domain detector** decides which links count →
the result rides into the aggregate via `IngestOptions` (like `unsub`) → the
aggregate stores it per-sender → admin surfaces it (detail + list badge +
dashboard pill + dismiss) → exposed read-only on the REST API.
Alternative considered and rejected: an ad-hoc detector living in infrastructure.
The "which MIME types are a feed" rule is business knowledge, so it belongs in
`domain/`, mirroring `domain/confirmation.ts`.
## Data model
```ts
// New value shape
type NativeFeed = { url: string; type: "rss" | "atom" | "json" };
// FeedMetadata (src/types/index.ts) — additive, like `unsubscribe` / `pendingConfirmation`
nativeFeeds?: Record<string, NativeFeed[]>; // key = senderKey (same scheme as `unsubscribe`)
nativeFeedDismissed?: boolean; // dismiss: hides pill + badge, keeps the URLs
// FeedListItem (src/types/index.ts) — projected flag for the dashboard, like pendingConfirmation
hasNativeFeed?: boolean;
```
Update semantics (chosen by the user: "accumulation, but latest-per-sender"):
- Storage is **per sender**, keyed by the same `senderKey` used for `unsubscribe`
(`input.senders[0] || iconDomain || input.from`).
- **Latest non-empty wins per sender**: the most recent email from a given sender
that declares feeds overwrites _that sender's_ list; other senders are preserved.
Mirrors how `ingest` updates `unsubscribe` only when an unsubscribe URL is present.
- The aggregate exposes `nativeFeeds(): NativeFeed[]` = the **union across senders,
deduped by URL** (returns a copy).
- Projected flag `hasNativeFeed = nativeFeeds().length > 0 && !nativeFeedDismissed`.
Smart re-notify (avoid nagging on every email):
- On ingest, if a **previously-unseen URL** appears (not in the current union),
clear `nativeFeedDismissed` (re-raise the notice).
- If ingestion only re-discovers already-known URLs, leave `nativeFeedDismissed`
untouched, so a dismiss sticks until a genuinely new native feed shows up.
## Detection
**Infra — `src/infrastructure/html-processor.ts`**: new
`extractFeedLinks(content): { href: string; type: string }[]`.
- Parse `<link>` elements whose `rel` token-list contains `alternate` and that
carry a `type` attribute (`link[rel~="alternate"][type]`).
- Return the raw `href` + `type` tuples; absolutize a relative `href` best-effort
via the existing `toAbsolute` helper; http(s) only (drop others).
- Plain-text bodies have no `<link>` → returns `[]`.
**Domain — `src/domain/native-feed.ts`** (pure, no DOM/IO, mirrors `confirmation.ts`):
`detectNativeFeeds(links): NativeFeed[]`.
- Owns the recognized MIME → kind table (strict, the three canonical types only):
- `application/atom+xml``"atom"`
- `application/rss+xml``"rss"`
- `application/feed+json``"json"`
- Ignores any other type (no `application/json` — too broad, would capture non-feeds).
- Dedupes by URL; preserves first-seen kind for a URL.
## Ingestion wiring
**`src/application/email-processor.ts`**: alongside the existing confirmation +
unsubscribe extraction, call `extractFeedLinks(input.content)`
`detectNativeFeeds(...)`. When non-empty, pass into `feed.ingest` via
`IngestOptions`:
```ts
nativeFeeds?: { senderKey: string; feeds: NativeFeed[] };
```
`senderKey` is the same value already computed for `unsub`.
**`src/domain/feed.aggregate.ts`**:
- `ingest`: when `opts.nativeFeeds` is present, set
`_metadata.nativeFeeds[senderKey] = feeds`; if any feed URL is new vs the
pre-update union, set `_metadata.nativeFeedDismissed = false`.
- Getter `nativeFeeds(): NativeFeed[]` — union deduped by URL (copy).
- Getter `hasNativeFeed(): boolean``nativeFeeds().length > 0 && !dismissed`.
- `dismissNativeFeed(): void` — sets `nativeFeedDismissed = true` (lower-only,
mirrors `dismissConfirmation`).
- `removeEmails` does **not** touch native feeds (the data is per-sender, not
per-email; deleting emails should not drop a discovered native feed).
**`src/infrastructure/feed-mapper.ts`**: `toListItemDTO` gains a `hasNativeFeed`
parameter (like `pendingConfirmation`), projected into `FeedListItem`. The
repository passes `feed.hasNativeFeed()` when saving. `nativeFeeds` /
`nativeFeedDismissed` persist as part of `FeedMetadata` (stored directly in KV —
additive, no mapper change for the metadata blob itself).
## REST API
**`src/routes/api/schemas.ts`** — `FeedSchema` gains a read-only field:
```ts
nativeFeeds: z.array(z.object({
url: z.string(),
type: z.enum(["rss", "atom", "json"]),
})),
```
Populated from `feed.nativeFeeds()` in the feed-read handler so an API client can
choose which native feed to subscribe to. Read-only — not accepted on
`FeedCreate`/`FeedUpdate`.
## Admin UI
Mirror the confirmation surfaces (detail + badge + pill + dismiss).
- **Detail (per-feed view, `src/routes/admin/emails.tsx`)**: next to the existing
`FeedFormats` "Subscribe" block (the **KTN feeds**), render a second group
**"Native feeds"** when `nativeFeeds()` is non-empty. Each native feed is a
copyable chip (type label RSS/Atom/JSON + copy + open-in-new-tab), reusing the
existing copyable/chip styling. Net result: KTN feeds on one side, native feeds
on the other, both copy-pasteable into a reader. Include a "dismiss" control
(POST to the dismiss route) to clear the dashboard/list notice.
- **List badge (`src/routes/admin.tsx` feed row)**: a discreet badge when
`hasNativeFeed`.
- **Dashboard pill**: `pill-native` (styled like `pill-confirmation`) on the
dashboard feed list when `hasNativeFeed`.
- **Dismiss route**: `POST /admin/feeds/:feedId/native-feed/dismiss` → load
aggregate → `feed.dismissNativeFeed()` → save → JSON ok. Client script wired
like the existing `confirmation-dismiss` (in `src/scripts/client/`).
- **Styles**: add `.native-feeds` group + `.pill-native` + badge rules in
`src/styles/components.css`, matching the format-chip / confirmation styling.
## Out of scope (v1)
- No change to the **public XML/JSON feed output** (user decision: native feeds
live in admin + REST, not in the rendered feeds).
- No anchor-text heuristics ("Subscribe via RSS" links) — `<link rel=alternate>`
only, to keep false positives near zero.
## Testing
- `src/domain/native-feed.test.ts` — MIME mapping, dedupe, ignores unknown types.
- `src/infrastructure/html-processor.test.ts``extractFeedLinks`: rel/type
parsing, relative-href absolutization, http(s)-only, plain-text → `[]`.
- `src/domain/feed.aggregate.test.ts` — ingest per-sender latest-wins, union
getter, re-notify on new URL, dismiss lower-only, removeEmails leaves it intact.
- `src/application/email-processor.test.ts` — end-to-end: an email with a
`<link rel=alternate>` populates `nativeFeeds`; one without leaves it alone.
- `src/infrastructure/feed-mapper.test.ts` / repository — `hasNativeFeed`
projection into `feeds:list`.
- `src/routes/admin.test.ts` — detail "native-feeds" group, list badge, dashboard
`pill-native`, dismiss route clears the flag.
- REST API test — `FeedSchema.nativeFeeds` present in the feed-read response.
End green: `npx tsc --noEmit`, `npm test`, `npm run build`.
## Docs
- `README.md` / `INSTALL.md` — mention native-feed detection.
- `docs/index.html` (marketing landing) — add a feature card (it's a
differentiator we ship before upstream).
- `CLAUDE.md` — add `domain/native-feed.ts` to the source layout; note the new
`FeedMetadata.nativeFeeds` / `nativeFeedDismissed` fields.
docs/superpowers/specs/2026-05-25-subscription-confirmation-design.md
+206
View File
@@ -0,0 +1,206 @@
# Subscription confirmation surfacing — design
_Date: 2026-05-25 · Origin: TODO.md `P1·M` "Subscription confirmation handling" (upstream issues #5, #23, #57, #73, #89, #95, #97)_
## Problem
Newsletters require a "click to confirm your subscription" step. The confirmation
email lands in the feed like any other item, so the user has to hunt the link
inside a feed reader — the single most recurring upstream request. Until they
confirm, the feed stays empty and the tool looks broken.
## Goal (v1 scope)
Detect confirmation emails at ingestion, **mark** them, and **surface the
confirmation link prominently** in the admin so the user can click it. No outbound
requests — the worker never follows the link in v1.
Explicitly deferred to a later batch (noted in TODO): a server-configured
on-detection action (`none` / `autoclick` / `forward` to the fallback box).
## Non-goals
- No auto-clicking / server-side following of confirmation links (SSRF surface).
- No per-feed action configuration.
- No detection of whether confirmation actually succeeded (impossible without
autoclick) — "dismiss" just stops the reminder.
## Architecture overview
Detection is a **pure domain service** fed by infra-extracted links/text; the
result is persisted on the email's metadata at ingestion and a feed-level flag is
projected into `feeds:list` so the dashboard stays at one KV read.
```
ingestion (storeEmail)
├─ infra: htmlToText(content) + extractLinks(content)
├─ domain: detectConfirmation({subject, text, links}) → {score, links[]} | null
├─ if detected → EmailMetadata.confirmation = { links }
└─ Feed.ingest() raises FeedMetadata.pendingConfirmation = true
→ FeedRepository.saveMetadata projects pendingConfirmation into feeds:list
```
## 1. Detection
### `src/domain/confirmation.ts` (new, pure — no DOM)
```ts
detectConfirmation(input: {
subject: string;
text: string; // plain-text rendition of the body
links: { href: string; text: string }[];
}): { score: number; links: string[] } | null
```
- **Multilingual keyword lists** (FR/EN/DE/ES and extensible) for subject + body:
`confirm`, `verify`, `activate`, `subscribe`, `confirmer`, `valider`,
`activer`, `bestätigen`, `confirmar`, `verificar`, … (case/diacritic-insensitive
matching).
- **Link scoring** by anchor text + URL path/query signals: `/confirm`, `/verify`,
`/activate`, `/subscribe`, `/opt-in`, `token=`, `confirm=`, `?c=`, etc.
- **Combined score** = subject/body keyword signal + best link signal. Above a
tuned `THRESHOLD` → return the ranked candidate links (top 3). Below → `null`.
- Only `http(s):` links are ever considered/returned (no `javascript:`/`data:`/
`mailto:`).
- This module owns the business knowledge (keyword vocab, weights, threshold);
it is unit-tested in isolation.
### `src/infrastructure/html-processor.ts` — `extractLinks`
```ts
extractLinks(content: string): { href: string; text: string }[]
```
- HTML: linkedom parse, collect `<a href>` + anchor text.
- Plain text: regex URL fallback (href = url, text = url).
- Infra owns DOM parsing; the domain receives plain data.
### `src/application/email-processor.ts` — wire-in
In `storeEmail`, before building `newEntry`:
```ts
const text = htmlToText(input.content);
const links = extractLinks(input.content);
const confirmation = detectConfirmation({
subject: input.subject,
text,
links,
});
// → EmailMetadata.confirmation = confirmation ? { links: confirmation.links } : undefined
```
Computed once at reception. Dedup/ingest flow otherwise unchanged.
## 2. Data model (additive)
### `EmailMetadata` (`src/types/index.ts`)
```ts
confirmation?: { links: string[] }; // present ⇒ detected; links = ranked top-3
```
Presence powers the list badge and the detail section. Additive → pre-feature
emails have nothing (no retroactive false positives).
### `FeedMetadata` (`src/types/index.ts`)
```ts
pendingConfirmation?: boolean; // ≥1 unactioned confirmation email present
```
### `FeedListItem` (`src/types/index.ts`)
```ts
pendingConfirmation?: boolean; // projected from FeedMetadata for the dashboard
```
### Aggregate `Feed` (`src/domain/feed.aggregate.ts`)
- `ingest()` sets `pendingConfirmation = true` when the new `EmailMetadata` carries
`confirmation`.
- `removeEmails()` recomputes the flag (false when no confirmation email remains).
- `dismissConfirmation()` sets it to false.
- read accessor `pendingConfirmation`.
### Persistence (`src/infrastructure/feed-repository.ts` + `feed-mapper.ts`)
- `FeedMetadata` round-trips `pendingConfirmation`.
- **Sync invariant extended**: `saveMetadata` projects `pendingConfirmation` into
the `feeds:list` item (today only `save`/`saveConfig` upsert the list). This is
the one metadata-derived field the list carries; it keeps the dashboard at a
single KV read instead of N per-feed metadata reads.
## 3. Admin UI
### a) Detail view — dedicated section (`routes/admin/emails.tsx`, `GET /emails/:emailKey`)
Above the Rendered/Raw toggle, shown when `email.confirmation`:
- Heading "Confirm your subscription".
- Best-scored link as a **primary button**; remaining candidates as secondary
links. URLs shown in clear text (transparency). `target="_blank" rel="noopener
noreferrer"`.
### b) Email list badge (`routes/admin/emails.tsx`, `GET /feeds/:feedId/emails`)
A "Confirmation" badge in the subject cell of rows where `email.confirmation`
exists, styled like the existing attachment indicator.
### c) Dashboard indicator (`routes/admin.tsx`, `GET /`)
A "Confirmation pending" pill on feeds whose `FeedListItem.pendingConfirmation` is
true (list + table views), read with zero extra KV reads. Links to the feed's
emails page.
### d) Feed emails-page banner (`routes/admin/emails.tsx`)
When `feedMetadata.pendingConfirmation`: a top banner "A confirmation email was
detected" linking to the latest confirmation email, plus a "Mark as confirmed"
button (dismiss).
### Post-creation redirect
`POST /admin/feeds/create` redirects to `/admin/feeds/:feedId/emails` (not the
dashboard) so the user lands where the banner appears once the (async) confirmation
email arrives.
## 4. Dismiss action
`POST /admin/feeds/:feedId/confirmation/dismiss`:
- load aggregate → `feed.dismissConfirmation()``repo.saveMetadata(feed)`
(reprojects `pendingConfirmation:false` into `feeds:list`).
- JSON response for the banner's fetch (mirrors the existing sender-filter
pattern); redirect fallback for no-JS.
- Protected by the existing admin auth + CSRF middleware.
"Dismiss" = "stop reminding me" (no real confirmation tracking without autoclick).
Deleting the confirmation email(s) also clears the flag via `removeEmails`.
## Security
- v1 performs **no outbound request** → no SSRF surface.
- Candidate `href`s filtered to `http(s):` only; never `javascript:`/`data:`.
- Output escaped via normal hono/jsx rendering.
## Testing (TDD)
- `confirmation.test.ts` (domain): multilingual scoring, threshold, link ranking,
negative cases (normal newsletter doesn't trigger), plain-text body.
- `html-processor.test.ts`: `extractLinks` for HTML and plain text.
- `email-processor.test.ts`: confirmation email → `EmailMetadata.confirmation`
populated + `pendingConfirmation` raised; dedup/ingest otherwise unchanged.
- `admin.test.ts` / emails tests: list badge, detail section, dashboard pill,
banner, dismiss route (clears flag + reprojects into list).
Close green: `npx tsc --noEmit`, `npm test`, `npm run build`.
## Docs
- `README.md` + `INSTALL.md`: "Subscription confirmation surfacing" capability.
- `docs/index.html` (landing): feature card — a genuine differentiator vs
kill-the-newsletter.
- `TODO.md`: check off `P1·M` "Subscription confirmation handling"; add a new
`P2·M` "Confirmation on-detect action (none/autoclick/forward)" item capturing
the deferred server options + SSRF/fallback notes.
package.json
+1 -1
View File
@@ -1,6 +1,6 @@
{
"name": "kill-the-news",
"version": "0.2.1",
"version": "0.3.0-develop",
"description": "Convert email newsletters into private RSS feeds using Cloudflare Workers",
"main": "dist/worker.js",
"scripts": {
src/application/email-processor.test.ts
+314 -5
View File
@@ -1,6 +1,6 @@
import { describe, it, expect, beforeEach } from "vitest";
import { http, HttpResponse } from "msw";
import { createMockEnv, MockR2, server } from "../test/setup";
import { createMockEnv, MockR2, seedInboundIndex, server } from "../test/setup";
import {
processEmail,
ProcessEmailInput,
@@ -30,8 +30,10 @@ function makeInput(
describe("processEmail", () => {
let env: ReturnType<typeof createMockEnv>;
beforeEach(() => {
beforeEach(async () => {
env = createMockEnv();
// The inbound address resolves to a feed of the same id in these unit tests.
await seedInboundIndex(env, VALID_FEED_ID);
});
it("returns 400 when toAddress has no valid feedId", async () => {
@@ -42,7 +44,18 @@ describe("processEmail", () => {
expect(res).toMatchObject({ ok: false, reason: "invalid_address" });
});
it("returns 404 when feed does not exist", async () => {
it("returns mailbox_unknown when no feed claims the inbound address", async () => {
// A well-formed mailbox (noun.noun.NN) that was never registered in the
// inbound index — distinct from a dangling index pointing at a missing feed.
const res = await processEmail(
makeInput({ toAddress: "unknown.mailbox.99@test.getmynews.app" }),
env as any,
);
expect(res).toMatchObject({ ok: false, reason: "mailbox_unknown" });
});
it("returns feed_not_found when the index resolves but the feed is gone", async () => {
// The inbound index is seeded (beforeEach) but no config exists for it.
const res = await processEmail(makeInput(), env as any);
expect(res).toMatchObject({ ok: false, reason: "feed_not_found" });
});
@@ -319,14 +332,14 @@ describe("processEmail", () => {
passThroughOnException: () => {},
} as unknown as ExecutionContext;
// Feed ID is valid format but config doesn't exist → 404
// Well-formed mailbox but not registered → mailbox_unknown (an error path).
const res = await processEmail(
makeInput({ toAddress: `no.such.99@test.getmynews.app` }),
env as any,
ctx,
);
expect(res).toMatchObject({ ok: false, reason: "feed_not_found" });
expect(res).toMatchObject({ ok: false, reason: "mailbox_unknown" });
expect(waitUntilCalled).toBe(false);
});
});
@@ -343,6 +356,7 @@ describe("processEmail — attachments", () => {
it("skips R2 upload when ATTACHMENT_BUCKET is not configured", async () => {
const env = createMockEnv();
await seedInboundIndex(env, VALID_FEED_ID);
await env.EMAIL_STORAGE.put(
`feed:${VALID_FEED_ID}:config`,
JSON.stringify({}),
@@ -366,6 +380,7 @@ describe("processEmail — attachments", () => {
it("skips R2 upload when ATTACHMENTS_ENABLED is 'false' even with R2 bound", async () => {
const env = createMockEnv({ withR2: true });
await seedInboundIndex(env, VALID_FEED_ID);
(env as any).ATTACHMENTS_ENABLED = "false";
const mockR2 = (env as any).ATTACHMENT_BUCKET as unknown as MockR2;
await env.EMAIL_STORAGE.put(
@@ -392,6 +407,7 @@ describe("processEmail — attachments", () => {
it("uploads attachments to R2 and stores AttachmentData in emailData", async () => {
const env = createMockEnv({ withR2: true });
await seedInboundIndex(env, VALID_FEED_ID);
const mockR2 = (env as any).ATTACHMENT_BUCKET as unknown as MockR2;
await env.EMAIL_STORAGE.put(
`feed:${VALID_FEED_ID}:config`,
@@ -423,6 +439,7 @@ describe("processEmail — attachments", () => {
it("stores attachmentIds in EmailMetadata for trim-time cleanup", async () => {
const env = createMockEnv({ withR2: true });
await seedInboundIndex(env, VALID_FEED_ID);
await env.EMAIL_STORAGE.put(
`feed:${VALID_FEED_ID}:config`,
JSON.stringify({}),
@@ -439,6 +456,7 @@ describe("processEmail — attachments", () => {
it("classifies a cid-referenced image as inline, not a downloadable attachment", async () => {
const env = createMockEnv({ withR2: true });
await seedInboundIndex(env, VALID_FEED_ID);
await env.EMAIL_STORAGE.put(
`feed:${VALID_FEED_ID}:config`,
JSON.stringify({}),
@@ -484,6 +502,7 @@ describe("processEmail — attachments", () => {
it("deletes inline image R2 objects when a trimmed email had them", async () => {
const env = createMockEnv({ withR2: true });
await seedInboundIndex(env, VALID_FEED_ID);
const mockR2 = (env as any).ATTACHMENT_BUCKET as unknown as MockR2;
await env.EMAIL_STORAGE.put(
`feed:${VALID_FEED_ID}:config`,
@@ -537,6 +556,7 @@ describe("processEmail — attachments", () => {
it("deletes R2 objects when a trimmed email had attachments", async () => {
const env = createMockEnv({ withR2: true });
await seedInboundIndex(env, VALID_FEED_ID);
const mockR2 = (env as any).ATTACHMENT_BUCKET as unknown as MockR2;
await env.EMAIL_STORAGE.put(
`feed:${VALID_FEED_ID}:config`,
@@ -595,9 +615,139 @@ describe("processEmail — attachments", () => {
});
});
describe("processEmail — deduplication", () => {
let env: ReturnType<typeof createMockEnv>;
beforeEach(async () => {
env = createMockEnv();
await env.EMAIL_STORAGE.put(
`feed:${VALID_FEED_ID}:config`,
JSON.stringify({}),
);
await seedInboundIndex(env, VALID_FEED_ID);
});
it("stores only one email when the same Message-ID is delivered twice", async () => {
const headers = { "Message-ID": "<abc123@example.com>" };
await processEmail(makeInput({ headers }), env as any);
await processEmail(makeInput({ headers }), env as any);
const metadata = await env.EMAIL_STORAGE.get(
`feed:${VALID_FEED_ID}:metadata`,
"json",
);
expect(metadata.emails).toHaveLength(1);
});
it("increments emails_deduplicated counter on the second delivery", async () => {
const headers = { "Message-ID": "<dup42@example.com>" };
await processEmail(makeInput({ headers }), env as any);
await processEmail(makeInput({ headers }), env as any);
const counters = await getCounters(env.EMAIL_STORAGE as any);
expect(counters.emails_deduplicated).toBe(1);
});
it("deduplicates by hash when no Message-ID header is present", async () => {
const input = makeInput({
subject: "Weekly Digest",
content: "<p>Same content</p>",
});
await processEmail(input, env as any);
await processEmail(input, env as any);
const metadata = await env.EMAIL_STORAGE.get(
`feed:${VALID_FEED_ID}:metadata`,
"json",
);
expect(metadata.emails).toHaveLength(1);
const counters = await getCounters(env.EMAIL_STORAGE as any);
expect(counters.emails_deduplicated).toBe(1);
});
it("does not deduplicate emails with different subjects (no Message-ID)", async () => {
await processEmail(
makeInput({ subject: "First", content: "<p>body</p>" }),
env as any,
);
await processEmail(
makeInput({ subject: "Second", content: "<p>body</p>" }),
env as any,
);
const metadata = await env.EMAIL_STORAGE.get(
`feed:${VALID_FEED_ID}:metadata`,
"json",
);
expect(metadata.emails).toHaveLength(2);
const counters = await getCounters(env.EMAIL_STORAGE as any);
expect(counters.emails_deduplicated).toBe(0);
});
it("does not false-positive against pre-feature entries lacking messageId/dedupHash", async () => {
// Seed a legacy metadata entry with no messageId or dedupHash
await env.EMAIL_STORAGE.put(
`feed:${VALID_FEED_ID}:metadata`,
JSON.stringify({
emails: [
{
key: `feed:${VALID_FEED_ID}:999`,
subject: "Old Subject",
receivedAt: 999,
size: 50,
// intentionally no messageId, no dedupHash
},
],
}),
);
// A new, distinct email should be stored without triggering false dedup
const res = await processEmail(
makeInput({ subject: "New Distinct Email", content: "<p>fresh</p>" }),
env as any,
);
expect(res.ok).toBe(true);
const metadata = await env.EMAIL_STORAGE.get(
`feed:${VALID_FEED_ID}:metadata`,
"json",
);
expect(metadata.emails).toHaveLength(2);
const counters = await getCounters(env.EMAIL_STORAGE as any);
expect(counters.emails_deduplicated).toBe(0);
});
it("returns { ok: true } for a genuine duplicate (not a rejection)", async () => {
const headers = { "Message-ID": "<nodrop@example.com>" };
await processEmail(makeInput({ headers }), env as any);
const res = await processEmail(makeInput({ headers }), env as any);
expect(res).toMatchObject({ ok: true });
});
it("stores messageId and dedupHash in the email metadata entry", async () => {
const headers = { "Message-ID": "<stored@example.com>" };
await processEmail(
makeInput({ subject: "Sub", content: "<p>c</p>", headers }),
env as any,
);
const metadata = await env.EMAIL_STORAGE.get(
`feed:${VALID_FEED_ID}:metadata`,
"json",
);
expect(metadata.emails[0].messageId).toBe("<stored@example.com>");
expect(typeof metadata.emails[0].dedupHash).toBe("string");
expect(metadata.emails[0].dedupHash).toHaveLength(64); // SHA-256 hex
});
});
describe("processEmail — monitoring counters", () => {
it("increments emails_received and sets last_email_at on success", async () => {
const env = createMockEnv();
await seedInboundIndex(env, VALID_FEED_ID);
await env.EMAIL_STORAGE.put(
`feed:${VALID_FEED_ID}:config`,
JSON.stringify({}),
@@ -632,6 +782,7 @@ describe("processEmail — feed icon", () => {
`feed:${VALID_FEED_ID}:config`,
JSON.stringify({}),
);
await seedInboundIndex(env, VALID_FEED_ID);
});
it("persists the latest sender domain on the feed metadata", async () => {
@@ -674,6 +825,82 @@ describe("processEmail — feed icon", () => {
});
});
describe("processEmail — confirmation detection", () => {
let env: ReturnType<typeof createMockEnv>;
beforeEach(async () => {
env = createMockEnv();
await env.EMAIL_STORAGE.put(
`feed:${VALID_FEED_ID}:config`,
JSON.stringify({}),
);
await seedInboundIndex(env, VALID_FEED_ID);
});
it("marks a confirmation email and raises pendingConfirmation", async () => {
const result = await processEmail(
makeInput({
subject: "Please confirm your subscription",
content:
'<p>Click <a href="https://example.com/confirm?token=abc">Confirm</a></p>',
}),
env as any,
);
expect(result.ok).toBe(true);
const metadata = await env.EMAIL_STORAGE.get(
`feed:${VALID_FEED_ID}:metadata`,
"json",
);
expect(metadata.pendingConfirmation).toBe(true);
expect(metadata.emails[0].confirmation?.links[0]).toBe(
"https://example.com/confirm?token=abc",
);
});
it("marks a plain-text confirmation email and raises pendingConfirmation", async () => {
const result = await processEmail(
makeInput({
subject: "Confirm your subscription",
content:
"Please confirm your subscription. Click here: https://example.com/confirm?token=xyz to verify your email.",
}),
env as any,
);
expect(result.ok).toBe(true);
const metadata = await env.EMAIL_STORAGE.get(
`feed:${VALID_FEED_ID}:metadata`,
"json",
);
expect(metadata.pendingConfirmation).toBe(true);
expect(metadata.emails[0].confirmation?.links[0]).toBe(
"https://example.com/confirm?token=xyz",
);
});
it("does not mark a regular newsletter as a confirmation", async () => {
const result = await processEmail(
makeInput({
subject: "Weekly Newsletter",
content: "<p>Here is your weekly digest of news.</p>",
}),
env as any,
);
expect(result.ok).toBe(true);
const metadata = await env.EMAIL_STORAGE.get(
`feed:${VALID_FEED_ID}:metadata`,
"json",
);
expect(metadata.pendingConfirmation).toBeFalsy();
expect(metadata.emails[0].confirmation).toBeUndefined();
});
});
describe("processEmail — unsubscribe capture", () => {
let env: ReturnType<typeof createMockEnv>;
@@ -683,6 +910,7 @@ describe("processEmail — unsubscribe capture", () => {
`feed:${VALID_FEED_ID}:config`,
JSON.stringify({}),
);
await seedInboundIndex(env, VALID_FEED_ID);
});
it("stores the one-click unsubscribe URL on the feed metadata, keyed by sender", async () => {
@@ -709,6 +937,7 @@ describe("processEmail — unsubscribe capture", () => {
it("keeps one entry per sender and overwrites with the latest URL", async () => {
await processEmail(
makeInput({
subject: "Issue 1 from A",
senders: ["a@one.com"],
headers: {
"list-unsubscribe": "<https://one.com/u/1>",
@@ -719,6 +948,7 @@ describe("processEmail — unsubscribe capture", () => {
);
await processEmail(
makeInput({
subject: "Issue 1 from B",
senders: ["b@two.com"],
headers: {
"list-unsubscribe": "<https://two.com/u/1>",
@@ -729,6 +959,7 @@ describe("processEmail — unsubscribe capture", () => {
);
await processEmail(
makeInput({
subject: "Issue 2 from A",
senders: ["a@one.com"],
headers: {
"list-unsubscribe": "<https://one.com/u/2>",
@@ -763,3 +994,81 @@ describe("processEmail — unsubscribe capture", () => {
expect(metadata.unsubscribe).toBeUndefined();
});
});
describe("native feed detection on ingest", () => {
let env: ReturnType<typeof createMockEnv>;
beforeEach(async () => {
env = createMockEnv();
await env.EMAIL_STORAGE.put(
`feed:${VALID_FEED_ID}:config`,
JSON.stringify({}),
);
await seedInboundIndex(env, VALID_FEED_ID);
});
it("stores detected native feeds on the feed metadata (TEST A)", async () => {
const result = await processEmail(
makeInput({
from: "news@blog.example.com",
senders: ["news@blog.example.com"],
content:
'<html><head><link rel="alternate" type="application/rss+xml" href="https://blog.example.com/feed.xml"></head><body>hello</body></html>',
}),
env as any,
);
expect(result.ok).toBe(true);
const metadata = (await env.EMAIL_STORAGE.get(
`feed:${VALID_FEED_ID}:metadata`,
"json",
)) as {
nativeFeeds?: Record<string, Array<{ url: string; type: string }>>;
};
expect(Object.values(metadata.nativeFeeds!).flat()).toEqual([
{ url: "https://blog.example.com/feed.xml", type: "rss" },
]);
});
it("does not store nativeFeeds when no feed links are found (TEST B)", async () => {
const result = await processEmail(
makeInput({
content: "<p>no feed here</p>",
}),
env as any,
);
expect(result.ok).toBe(true);
const metadata = (await env.EMAIL_STORAGE.get(
`feed:${VALID_FEED_ID}:metadata`,
"json",
)) as { nativeFeeds?: Record<string, unknown> };
expect(metadata.nativeFeeds).toBeUndefined();
});
it("absolutizes a relative feed href using the display-name sender's domain (TEST C)", async () => {
const result = await processEmail(
makeInput({
from: "Blog Name <news@blog.example.com>",
senders: ["news@blog.example.com"],
content:
'<html><head><link rel="alternate" type="application/atom+xml" href="/atom.xml"></head><body>hi</body></html>',
}),
env as any,
);
expect(result.ok).toBe(true);
const metadata = (await env.EMAIL_STORAGE.get(
`feed:${VALID_FEED_ID}:metadata`,
"json",
)) as {
nativeFeeds?: Record<string, Array<{ url: string; type: string }>>;
};
expect(Object.values(metadata.nativeFeeds!).flat()).toEqual([
{ url: "https://blog.example.com/atom.xml", type: "atom" },
]);
});
});
src/application/email-processor.ts
+105 -15
View File
@@ -1,11 +1,18 @@
import { EmailParser } from "../domain/email-parser";
import { MailboxId } from "../domain/value-objects/mailbox-id";
import { EmailAddress } from "../domain/value-objects/email-address";
import { AttachmentData, EmailMetadata, Env } from "../types";
import { bumpCounters } from "../application/stats";
import { dispatchFeedEvents } from "../application/feed-events";
import { extractEmailDomain } from "../infrastructure/favicon-fetcher";
import { parseOneClickUnsubscribe } from "../infrastructure/unsubscribe";
import { getAttachmentBucket } from "../infrastructure/attachments";
import { extractInlineCids } from "../infrastructure/html-processor";
import {
extractFeedLinks,
extractInlineCids,
extractLinks,
htmlToText,
} from "../infrastructure/html-processor";
import { detectConfirmation } from "../domain/confirmation";
import { detectNativeFeeds } from "../domain/native-feed";
import { attachmentIdsForCleanup } from "./feed-cleanup";
import { FeedRepository } from "../infrastructure/feed-repository";
import { BackgroundScheduler } from "../infrastructure/worker";
@@ -33,6 +40,7 @@ export interface ProcessEmailInput {
export type IngestRejectionReason =
| "invalid_address"
| "mailbox_unknown"
| "feed_not_found"
| "feed_expired"
| "sender_blocked";
@@ -79,17 +87,33 @@ async function loadAcceptingFeed(
): Promise<
{ ok: true; feed: Feed } | { ok: false; reason: IngestRejectionReason }
> {
const feedId = EmailParser.extractFeedId(input.toAddress);
if (!feedId) {
// MailboxId.parse is the single boundary where an untrusted inbound address
// (the most untrusted input in the system) becomes a validated mailbox.
const mailbox = MailboxId.parse(input.toAddress);
if (!mailbox) {
logger.error("Invalid email address format", {
toAddress: input.toAddress,
});
return { ok: false, reason: "invalid_address" };
}
const feed = await FeedRepository.from(env).load(feedId);
// Resolve the inbound mailbox to the feed's opaque id (decoupled identities).
const repo = FeedRepository.from(env);
const feedId = await repo.resolveInbound(mailbox);
if (!feedId) {
// No feed claims this address — the common "wrong/unknown alias" case.
logger.error("Unknown inbound mailbox", { mailbox: mailbox.value });
return { ok: false, reason: "mailbox_unknown" };
}
const feed = await repo.load(feedId);
if (!feed) {
logger.error("Feed not found", { feedId: feedId.value });
// The index resolved but the feed is gone — a dangling index (should be
// near-impossible now the index is dropped on feed deletion).
logger.error("Feed not found", {
mailbox: mailbox.value,
feedId: feedId.value,
});
return { ok: false, reason: "feed_not_found" };
}
if (feed.isExpired()) {
@@ -109,12 +133,73 @@ async function loadAcceptingFeed(
return { ok: true, feed };
}
/**
* Compute a SHA-256 hex digest of a normalised string combining subject and
* content. Used as a dedup fallback when no Message-ID header is present.
* "Normalised" means lower-cased and all whitespace runs collapsed to a single
* space — so minor whitespace differences in re-sent mails still match.
*/
async function computeDedupHash(
subject: string,
content: string,
): Promise<string> {
const normalize = (s: string) => s.toLowerCase().replace(/\s+/g, " ").trim();
const raw = `${normalize(subject)}\n${normalize(content)}`;
const buf = await crypto.subtle.digest(
"SHA-256",
new TextEncoder().encode(raw),
);
return Array.from(new Uint8Array(buf))
.map((b) => b.toString(16).padStart(2, "0"))
.join("");
}
/**
* Extract the Message-ID from request headers (case-insensitive key lookup).
* Returns undefined when absent or empty.
*/
function extractMessageId(
headers: Record<string, string> | undefined,
): string | undefined {
if (!headers) return undefined;
const value = Object.entries(headers).find(
([k]) => k.toLowerCase() === "message-id",
)?.[1];
const trimmed = value?.trim();
return trimmed || undefined;
}
async function storeEmail(
feed: Feed,
input: ProcessEmailInput,
env: Env,
ctx?: ExecutionContext,
): Promise<void> {
): Promise<boolean> {
// ── Dedup check ──────────────────────────────────────────────────────────
// Compute both dedup signals up-front (hash is async) so we only do it once.
const messageId = extractMessageId(input.headers);
const dedupHash = await computeDedupHash(input.subject, input.content);
if (feed.hasDuplicate(messageId, dedupHash)) {
logger.info("Duplicate email skipped", {
feedId: feed.id.value,
...(messageId ? { messageId } : { dedupHash }),
});
await bumpCounters(env.EMAIL_STORAGE, { emails_deduplicated: 1 });
return false; // signal: skipped (not stored)
}
const confirmationLinks = detectConfirmation({
subject: input.subject,
text: htmlToText(input.content),
links: extractLinks(input.content),
});
const sender = EmailAddress.parse(input.from);
const nativeFeedList = detectNativeFeeds(
extractFeedLinks(input.content, sender?.siteBaseUrl() ?? ""),
);
const attachmentBucket = getAttachmentBucket(env);
const inlineCids = extractInlineCids(input.content);
const storedAttachments: AttachmentData[] =
@@ -149,19 +234,20 @@ async function storeEmail(
size: serialisedSize,
...(downloadableIds.length > 0 ? { attachmentIds: downloadableIds } : {}),
...(inlineIds.length > 0 ? { inlineAttachmentIds: inlineIds } : {}),
...(messageId ? { messageId } : {}),
dedupHash,
...(confirmationLinks
? { confirmation: { links: confirmationLinks } }
: {}),
};
// Track the latest sender's domain (feed icon) and capture the RFC 8058
// one-click unsubscribe link, keyed by sender so each newsletter keeps its
// own latest URL (fired when the feed is deleted).
const iconDomain = extractEmailDomain(input.from);
const iconDomain = sender?.domain.value;
const senderKey = input.senders[0] || iconDomain || input.from;
const unsubUrl = parseOneClickUnsubscribe(input.headers ?? {});
const unsub = unsubUrl
? {
senderKey: input.senders[0] || iconDomain || input.from,
url: unsubUrl,
}
: undefined;
const unsub = unsubUrl ? { senderKey, url: unsubUrl } : undefined;
const maxBytes =
parseInt(env.FEED_MAX_SIZE_BYTES ?? "", 10) || FEED_MAX_BYTES;
@@ -170,6 +256,9 @@ async function storeEmail(
maxBytes,
iconDomain: iconDomain ?? undefined,
unsub,
...(nativeFeedList.length > 0
? { nativeFeeds: { senderKey, feeds: nativeFeedList } }
: {}),
});
const r2Deletions =
@@ -198,6 +287,7 @@ async function storeEmail(
? (p) => ctx.waitUntil(p)
: () => {};
await dispatchFeedEvents(feed, env, schedule);
return true; // signal: stored
}
export async function processEmail(
src/application/feed-fetcher.ts
+3
View File
@@ -21,6 +21,9 @@ export async function fetchFeedData(
title: `Newsletter Feed ${feedId.value}`,
description: "Converted email newsletter",
language: "en",
// Read-model fallback only: the RSS/Atom/JSON path never builds the inbound
// address, so an empty mailbox is inert here (the real one lives on config).
mailbox_id: "",
created_at: Date.now(),
};
src/application/feed-service.test.ts
+42 -1
View File
@@ -1,8 +1,15 @@
import { describe, it, expect } from "vitest";
import { createMockEnv } from "../test/setup";
import { createFeedRecord, editFeed } from "./feed-service";
import {
createFeedRecord,
editFeed,
deleteFeedRecord,
deleteFeedFastDetailed,
} from "./feed-service";
import { getCounters } from "./stats";
import { FeedRepository } from "../infrastructure/feed-repository";
import { FeedId } from "../domain/value-objects/feed-id";
import { MailboxId } from "../domain/value-objects/mailbox-id";
import type { Env } from "../types";
const mkEnv = (overrides: Partial<Env> = {}) =>
@@ -54,6 +61,40 @@ describe("createFeedRecord — TTL policy", () => {
});
});
describe("deleting a feed drops its inbound mailbox index", () => {
it("deleteFeedRecord removes the inbound index so the address stops resolving", async () => {
const env = mkEnv();
const { feedId, mailboxId } = await createFeedRecord(env, { ...baseInput });
const repo = FeedRepository.from(env);
// Sanity: the address resolves to the feed before deletion.
expect(
(await repo.resolveInbound(MailboxId.unchecked(mailboxId)))?.value,
).toBe(feedId);
await deleteFeedRecord(env, FeedId.unchecked(feedId), () => {});
expect(
await repo.resolveInbound(MailboxId.unchecked(mailboxId)),
).toBeNull();
});
it("the bulk path (deleteFeedFastDetailed + removeFromListBulk) clears the inbound index", async () => {
const env = mkEnv();
const { feedId, mailboxId } = await createFeedRecord(env, { ...baseInput });
const repo = FeedRepository.from(env);
// The bulk admin path drops config/metadata, then removes from the list —
// the latter is what clears the inbound index (symmetric with save()).
await deleteFeedFastDetailed(env.EMAIL_STORAGE, FeedId.unchecked(feedId));
await repo.removeFromListBulk([feedId]);
expect(
await repo.resolveInbound(MailboxId.unchecked(mailboxId)),
).toBeNull();
});
});
describe("editFeed — TTL policy", () => {
it("recomputes expiry from the server override on edit", async () => {
const env = mkEnv({ FEED_TTL_HOURS: "1" });
src/application/feed-service.ts
+18 -6
View File
@@ -7,6 +7,7 @@ import { FeedRepository } from "../infrastructure/feed-repository";
import { toConfigDTO } from "../infrastructure/feed-mapper";
import { BackgroundScheduler } from "../infrastructure/worker";
import { FeedId } from "../domain/value-objects/feed-id";
import { MailboxId } from "../domain/value-objects/mailbox-id";
import { Lifetime } from "../domain/value-objects/lifetime";
import {
Feed,
@@ -33,24 +34,32 @@ function resolveLifetime(env: Env, requestedHours?: number): Lifetime {
}
/**
* Create a feed: write its config + empty metadata, register it in the global
* list, and bump the `feeds_created` counter. Returns the new feed id + config.
* Create a feed: mint an opaque `FeedId` (the read id) and a friendly `MailboxId`
* (the inbound address), write its config + empty metadata, register it in the
* global list + inbound index, and bump the `feeds_created` counter. Returns the
* new feed id, its mailbox, and config.
*/
export async function createFeedRecord(
env: Env,
input: CreateFeedInput,
): Promise<{ feedId: string; config: FeedConfig }> {
): Promise<{ feedId: string; mailboxId: string; config: FeedConfig }> {
const repo = FeedRepository.from(env);
const feed = Feed.create(FeedId.generate(), input, {
mailboxId: MailboxId.generate(),
lifetime: resolveLifetime(env, input.lifetimeHours),
});
// save() also writes the inbound:<mailbox> → feedId index.
await repo.save(feed);
// FeedCreated → bumps the feeds_created counter (no background work to schedule).
await dispatchFeedEvents(feed, env, () => {});
return { feedId: feed.id.value, config: toConfigDTO(feed.state()) };
return {
feedId: feed.id.value,
mailboxId: feed.mailboxId.value,
config: toConfigDTO(feed.state()),
};
}
export type UpdateFeedResult =
@@ -118,8 +127,10 @@ type DeleteFeedFastResult = {
};
/**
* Delete a feed's config + metadata keys, reporting per-key outcomes. The
* larger email/attachment cleanup is handled separately via purgeFeedKeysStep.
* Delete a feed's config + metadata keys, reporting per-key outcomes. The larger
* email/attachment cleanup is handled separately via purgeFeedKeysStep, and the
* inbound `inbound:<mailbox>` index is dropped by `removeFromList(Bulk)` (which
* every caller invokes next) — symmetric with `save()` writing it.
*/
export async function deleteFeedFastDetailed(
emailStorage: KVNamespace,
@@ -166,6 +177,7 @@ export async function deleteFeedRecord(
const unsubscribeUrls = await collectUnsubscribeUrls(emailStorage, feedId);
await deleteFeedFastDetailed(emailStorage, feedId);
// removeFromList also drops the feed's inbound mailbox index.
const removed = await repo.removeFromList(feedId);
if (removed) {
await bumpCounters(emailStorage, { feeds_deleted: 1 });
src/application/stats.ts
+4
View File
@@ -1,4 +1,5 @@
import { Counters, Env, StatsResponse } from "../types";
import { APP_VERSION } from "../config/version";
import { logger } from "../infrastructure/logger";
import { FeedRepository } from "../infrastructure/feed-repository";
import { CountersRepository } from "../infrastructure/counters-repository";
@@ -12,6 +13,7 @@ const EMPTY_COUNTERS: Counters = {
emails_received: 0,
emails_rejected: 0,
emails_forwarded: 0,
emails_deduplicated: 0,
unsubscribes_sent: 0,
};
@@ -43,6 +45,7 @@ export async function bumpCounters(
current.emails_received += changes.emails_received ?? 0;
current.emails_rejected += changes.emails_rejected ?? 0;
current.emails_forwarded += changes.emails_forwarded ?? 0;
current.emails_deduplicated += changes.emails_deduplicated ?? 0;
current.unsubscribes_sent += changes.unsubscribes_sent ?? 0;
if (changes.last_email_at) current.last_email_at = changes.last_email_at;
if (changes.last_feed_created_at)
@@ -75,6 +78,7 @@ export async function getStats(env: Env): Promise<StatsResponse> {
active_feeds: feeds.length,
websub_subscriptions_active: websubCount,
attachments_enabled: !!getAttachmentBucket(env),
version: APP_VERSION,
};
}
src/config/version.ts
+8
View File
@@ -0,0 +1,8 @@
import pkg from "../../package.json";
/**
* The running app version, inlined from package.json at bundle time (the Worker
* has no filesystem at runtime). Surfaced in the admin/status footer and the
* /health JSON so a self-hoster can tell which build is deployed.
*/
export const APP_VERSION: string = pkg.version;
src/domain/confirmation.test.ts
+173
View File
@@ -0,0 +1,173 @@
import { describe, it, expect } from "vitest";
import { detectConfirmation } from "./confirmation";
describe("detectConfirmation", () => {
it("detects an English confirmation email and returns the confirm link", () => {
const result = detectConfirmation({
subject: "Please confirm your subscription",
text: "Click the button below to verify your email address.",
links: [
{
href: "https://news.example.com/confirm?token=abc123",
text: "Confirm subscription",
},
{ href: "https://news.example.com/home", text: "Home" },
],
});
expect(result).not.toBeNull();
expect(result![0]).toBe("https://news.example.com/confirm?token=abc123");
});
it("detects a French confirmation email (accent-insensitive)", () => {
const result = detectConfirmation({
subject: "Confirmez votre inscription",
text: "Cliquez pour activer votre abonnement.",
links: [
{
href: "https://lettre.example.fr/valider/xyz",
text: "Valider mon inscription",
},
],
});
expect(result).not.toBeNull();
expect(result![0]).toBe("https://lettre.example.fr/valider/xyz");
});
it("returns null for a normal newsletter with only an unsubscribe link", () => {
const result = detectConfirmation({
subject: "This week in tech",
text: "Here are the top stories. To stop receiving these, unsubscribe here.",
links: [
{ href: "https://news.example.com/article/42", text: "Read more" },
{
href: "https://news.example.com/unsubscribe?u=9",
text: "Unsubscribe",
},
],
});
expect(result).toBeNull();
});
it("returns null when no candidate link is present even if the subject matches", () => {
const result = detectConfirmation({
subject: "Confirm your subscription",
text: "Reply to this email to confirm.",
links: [],
});
expect(result).toBeNull();
});
it("never treats an unsubscribe link as a confirmation candidate", () => {
const result = detectConfirmation({
subject: "Confirm your email",
text: "Verify your address.",
links: [
{ href: "https://x.example/verify/abc", text: "Verify email" },
{ href: "https://x.example/unsubscribe", text: "unsubscribe" },
],
});
expect(result).not.toBeNull();
expect(result!).not.toContain("https://x.example/unsubscribe");
});
it("ranks the strongest candidate first and caps at three links", () => {
const result = detectConfirmation({
subject: "Confirm your subscription",
text: "verify activate",
links: [
{ href: "https://x.example/help", text: "help" },
{ href: "https://x.example/a?token=1", text: "click" },
{ href: "https://x.example/confirm?token=2", text: "Confirm" },
{ href: "https://x.example/activate", text: "Activate account" },
{ href: "https://x.example/verify", text: "Verify" },
],
});
expect(result).not.toBeNull();
expect(result!.length).toBeLessThanOrEqual(3);
expect(result![0]).toBe("https://x.example/confirm?token=2");
});
it("ignores non-http(s) links", () => {
const result = detectConfirmation({
subject: "Confirm your subscription",
text: "verify",
links: [{ href: "mailto:confirm@x.example", text: "confirm" }],
});
expect(result).toBeNull();
});
// ── False-positive guards: ordinary newsletters must NOT be flagged ──────────
// A "manage subscription" footer link is only a weak signal (+1), so a stray
// body keyword (active/valid) cannot push it over the threshold.
it("does not flag a newsletter with a manage-subscription footer + 'active' in body", () => {
const result = detectConfirmation({
subject: "This week in tech",
text: "Thanks to our most active community members for the great discussion.",
links: [
{ href: "https://news.example.com/article/42", text: "Read more" },
{
href: "https://news.example.com/account/subscription",
text: "Manage your subscription",
},
],
});
expect(result).toBeNull();
});
it("does not flag a newsletter with a subscription-preferences link + 'valid' in body", () => {
const result = detectConfirmation({
subject: "Weekend deals are here",
text: "These offers are valid until Friday — don't miss out.",
links: [
{
href: "https://shop.example.com/subscription/preferences",
text: "Subscription preferences",
},
],
});
expect(result).toBeNull();
});
it("does not flag a marketing 'Subscribe & save' CTA + 'activate' in body", () => {
const result = detectConfirmation({
subject: "Your weekly digest",
text: "Activate your free trial and start saving today.",
links: [
{
href: "https://shop.example.com/subscribe",
text: "Subscribe & save",
},
],
});
expect(result).toBeNull();
});
// ── Recall: a genuine confirmation still passes via the weak signal ──────────
it("detects a genuine confirm-subscription email whose only link is a bare /subscribe", () => {
const result = detectConfirmation({
subject: "Please confirm your subscription",
text: "Tap the button to finish signing up.",
links: [
{
href: "https://news.example.com/subscribe/abc123",
text: "Subscribe",
},
],
});
expect(result).not.toBeNull();
expect(result![0]).toBe("https://news.example.com/subscribe/abc123");
});
it("dedupes a confirmation link repeated in the body", () => {
const result = detectConfirmation({
subject: "Confirm your subscription",
text: "verify your address",
links: [
{ href: "https://x.example/confirm?token=1", text: "Confirm" },
{ href: "https://x.example/confirm?token=1", text: "Confirm here" },
],
});
expect(result).toEqual(["https://x.example/confirm?token=1"]);
});
});
src/domain/confirmation.ts
+122
View File
@@ -0,0 +1,122 @@
/**
* Pure detection of "confirm your subscription" emails. No DOM, no I/O — it
* receives already-extracted subject/body text and link tuples (infra parses the
* HTML). This module owns the business knowledge: the multilingual keyword vocab,
* the link-signal patterns, the scoring weights and the threshold.
*
* Returns the ranked candidate confirmation links (top 3) when the combined score
* clears the threshold AND at least one candidate link exists; otherwise null.
* Only http(s) links are ever considered or returned.
*/
export interface DetectConfirmationInput {
subject: string;
text: string;
links: { href: string; text: string }[];
}
// Confirmation-positive stems, already normalized (lowercased, diacritics stripped).
// EN / FR / DE / ES — extend here to add a language.
const KEYWORDS = [
"confirm",
"verif",
"activ",
"valid",
"bestatig",
"aktivier",
"opt-in",
"opt in",
"optin",
];
// Strong URL signals: an unambiguous confirm/verify/activate action or a token.
// A link URL matching any scores +2.
const STRONG_LINK_SIGNALS = [
"confirm",
"verif",
"activ",
"valid",
"bestatig",
"aktivier",
"optin",
"opt-in",
"double-optin",
"token=",
"confirm=",
"activation",
];
// Weak URL signals: ambiguous subscribe/subscription words that also appear in
// ordinary "manage subscription" footers. Worth only +1 so they cannot, on their
// own (with a stray body keyword), cross the threshold and cry wolf — but still
// let a genuine "confirm your subscription" subject + a bare /subscribe link pass.
const WEAK_LINK_SIGNALS = ["subscription", "subscribe"];
// Negative patterns: a link matching any of these is NEVER a candidate, and these
// tokens are stripped from text before keyword scanning (kills the unsubscribe
// false positive — "unsubscribe" contains "subscribe").
const NEGATIVE = [
"unsubscribe",
"desabonn",
"desinscri",
"abbestell",
"opt-out",
"optout",
"list-unsubscribe",
];
const THRESHOLD = 3;
function normalize(s: string): string {
return s.normalize("NFD").replace(/[̀-ͯ]/g, "").toLowerCase();
}
function isHttp(href: string): boolean {
return /^https?:\/\//i.test(href.trim());
}
function matchesAny(haystack: string, needles: string[]): boolean {
return needles.some((n) => haystack.includes(n));
}
function linkScore(href: string, text: string): number {
const h = normalize(href);
const t = normalize(text);
if (matchesAny(h, NEGATIVE) || matchesAny(t, NEGATIVE)) return 0;
let score = 0;
if (matchesAny(h, STRONG_LINK_SIGNALS)) score += 2;
else if (matchesAny(h, WEAK_LINK_SIGNALS)) score += 1;
if (matchesAny(t, KEYWORDS)) score += 2;
return score;
}
function stripNegatives(text: string): string {
let out = text;
for (const n of NEGATIVE) out = out.split(n).join(" ");
return out;
}
export function detectConfirmation(
input: DetectConfirmationInput,
): string[] | null {
const candidates = input.links
.filter((l) => isHttp(l.href))
.map((l) => ({ href: l.href.trim(), score: linkScore(l.href, l.text) }))
.filter((l) => l.score > 0)
.sort((a, b) => b.score - a.score);
if (candidates.length === 0) return null;
const subject = stripNegatives(normalize(input.subject));
const text = stripNegatives(normalize(input.text));
const subjectScore = matchesAny(subject, KEYWORDS) ? 2 : 0;
const bodyScore = matchesAny(text, KEYWORDS) ? 1 : 0;
const bestLinkScore = candidates[0].score;
if (subjectScore + bodyScore + bestLinkScore < THRESHOLD) return null;
// Dedupe by href before capping, so a link repeated in the body never wastes
// one of the three surfaced slots.
return [...new Set(candidates.map((c) => c.href))].slice(0, 3);
}
src/domain/email-parser.test.ts
+2 -31
View File
@@ -1,37 +1,8 @@
import { describe, it, expect } from "vitest";
import { EmailParser } from "./email-parser";
describe("EmailParser.extractFeedId", () => {
it("extracts a valid feed ID from an email address", () => {
expect(
EmailParser.extractFeedId("river.castle.42@example.com")?.value,
).toBe("river.castle.42");
});
it("is case-insensitive for the local part", () => {
expect(
EmailParser.extractFeedId("River.Castle.42@example.com")?.value,
).toBe("River.Castle.42");
});
it("returns null for an address with no feed ID format", () => {
expect(EmailParser.extractFeedId("user@example.com")).toBeNull();
});
it("returns null for a plain string without @", () => {
expect(EmailParser.extractFeedId("notanemail")).toBeNull();
});
it("returns null when the numeric suffix is only one digit", () => {
expect(EmailParser.extractFeedId("river.castle.4@example.com")).toBeNull();
});
it("returns null when the numeric suffix has more than two digits", () => {
expect(
EmailParser.extractFeedId("river.castle.123@example.com"),
).toBeNull();
});
});
// Inbound mailbox parsing lives on the MailboxId VO (see mailbox-id.test.ts);
// EmailParser no longer wraps it.
describe("EmailParser.decodeEncodedWords", () => {
it("returns plain text unchanged", () => {
src/domain/email-parser.ts
-11
View File
@@ -1,17 +1,6 @@
import { EmailData } from "../types";
import { FeedId } from "./value-objects/feed-id";
export class EmailParser {
/**
* Extract the feed id from an inbound recipient address. Returns a validated
* `FeedId` value object (not a raw string) so the most untrusted input in the
* system — an address typed by a sender — is guarded at the parse boundary and
* never needs `FeedId.unchecked` downstream.
*/
static extractFeedId(emailAddress: string): FeedId | null {
return FeedId.parse(emailAddress);
}
// eslint-disable-next-line @typescript-eslint/no-explicit-any
static parseForwardEmailPayload(payload: any): EmailData {
if (!payload) {
src/domain/feed-keys.ts
+3
View File
@@ -13,6 +13,9 @@ export const feedKeys = {
config: (feedId: string): string => `feed:${feedId}:config`,
metadata: (feedId: string): string => `feed:${feedId}:metadata`,
/** Secondary index: inbound mailbox local part → feed id (resolved at reception). */
inbound: (mailboxId: string): string => `inbound:${mailboxId}`,
/** Prefix covering every key owned by a feed (config, metadata, emails). */
feedPrefix: (feedId: string): string => `feed:${feedId}:`,
src/domain/feed-state.ts
+5
View File
@@ -11,7 +11,12 @@ export interface FeedState {
title: string;
description?: string;
language: string;
/** The feed's inbound mailbox local part (`noun.noun.NN`) — its email address
* is `mailboxId@domain`. Decoupled from the feed's `FeedId` (the read id). */
mailboxId: string;
author?: string;
/** When true, entry titles in the feed output are rendered as `[Sender] Subject`. */
senderInTitle?: boolean;
allowedSenders: string[];
blockedSenders: string[];
createdAt: number;
src/domain/feed.aggregate.test.ts
+179 -12
View File
@@ -3,12 +3,14 @@ import { createMockEnv } from "../test/setup";
import { Feed, CreateFeedInput } from "./feed.aggregate";
import { FeedRepository } from "../infrastructure/feed-repository";
import { FeedId } from "./value-objects/feed-id";
import { MailboxId } from "./value-objects/mailbox-id";
import { Lifetime } from "./value-objects/lifetime";
import { FeedState } from "./feed-state";
import { Clock } from "./clock";
import type { Env, EmailMetadata } from "../types";
const FID = FeedId.unchecked("a.b.42");
const FID = FeedId.unchecked("opaque-feed-id");
const MBOX = MailboxId.unchecked("a.b.42");
const mockEnv = () => createMockEnv() as unknown as Env;
@@ -27,6 +29,7 @@ const createInput = (
const state = (overrides: Partial<FeedState> = {}): FeedState => ({
title: "T",
language: "en",
mailboxId: "a.b.42",
allowedSenders: [],
blockedSenders: [],
createdAt: 0,
@@ -43,8 +46,9 @@ const entry = (overrides: Partial<EmailMetadata> = {}): EmailMetadata => ({
describe("Feed.create", () => {
it("builds a config with an empty email index and no expiry by default", () => {
const feed = Feed.create(FID, createInput());
expect(feed.id.value).toBe("a.b.42");
const feed = Feed.create(FID, createInput(), { mailboxId: MBOX });
expect(feed.id.value).toBe("opaque-feed-id");
expect(feed.mailboxId.value).toBe("a.b.42");
expect(feed.title).toBe("News");
expect(feed.expiresAt).toBeUndefined();
expect(feed.emails).toEqual([]);
@@ -53,6 +57,7 @@ describe("Feed.create", () => {
it("resolves expiry from the supplied lifetime using the injected clock", () => {
const NOW = 1_000_000;
const feed = Feed.create(FID, createInput(), {
mailboxId: MBOX,
clock: fixedClock(NOW),
lifetime: Lifetime.ofHours(2),
});
@@ -64,18 +69,24 @@ describe("Feed.create", () => {
it("trusts only deps.lifetime, not the client lifetimeHours field", () => {
// The aggregate no longer parses lifetime policy: the application resolves
// the effective Lifetime (env override etc.) and hands it in.
const feed = Feed.create(FID, createInput({ lifetimeHours: 9999 }));
const feed = Feed.create(FID, createInput({ lifetimeHours: 9999 }), {
mailboxId: MBOX,
});
expect(feed.expiresAt).toBeUndefined();
});
it("treats a non-positive lifetime as no expiry", () => {
expect(
Feed.create(FID, createInput(), { lifetime: Lifetime.ofHours(0) })
.expiresAt,
Feed.create(FID, createInput(), {
mailboxId: MBOX,
lifetime: Lifetime.ofHours(0),
}).expiresAt,
).toBeUndefined();
expect(
Feed.create(FID, createInput(), { lifetime: Lifetime.ofHours(-5) })
.expiresAt,
Feed.create(FID, createInput(), {
mailboxId: MBOX,
lifetime: Lifetime.ofHours(-5),
}).expiresAt,
).toBeUndefined();
});
});
@@ -191,7 +202,7 @@ describe("Feed.removeEmails", () => {
describe("Feed events", () => {
it("records FeedCreated on create and drains it once", () => {
const feed = Feed.create(FID, createInput());
const feed = Feed.create(FID, createInput(), { mailboxId: MBOX });
expect(feed.pullEvents()).toEqual([{ type: "FeedCreated", feedId: FID }]);
// Draining clears: a second pull is empty.
expect(feed.pullEvents()).toEqual([]);
@@ -222,21 +233,104 @@ describe("Feed events", () => {
});
});
function newFeed(): Feed {
return Feed.create(
FeedId.generate(),
{
title: "T",
description: "",
language: "en",
allowedSenders: [],
blockedSenders: [],
},
{ mailboxId: MailboxId.unchecked("alpha.beta.10") },
);
}
function confirmationEmail(
key: string,
confirmation?: { links: string[] },
): EmailMetadata {
return {
key,
subject: "s",
receivedAt: Date.now(),
size: 10,
...(confirmation ? { confirmation } : {}),
};
}
describe("Feed pendingConfirmation", () => {
it("is false on a fresh feed", () => {
expect(newFeed().pendingConfirmation).toBe(false);
});
it("is raised when a confirmation email is ingested", () => {
const feed = newFeed();
feed.ingest(confirmationEmail("k1", { links: ["https://x/confirm"] }), {
maxBytes: 1_000_000,
});
expect(feed.pendingConfirmation).toBe(true);
});
it("stays false for a non-confirmation email", () => {
const feed = newFeed();
feed.ingest(confirmationEmail("k1"), { maxBytes: 1_000_000 });
expect(feed.pendingConfirmation).toBe(false);
});
it("is cleared by dismissConfirmation", () => {
const feed = newFeed();
feed.ingest(confirmationEmail("k1", { links: ["https://x/confirm"] }), {
maxBytes: 1_000_000,
});
feed.dismissConfirmation();
expect(feed.pendingConfirmation).toBe(false);
});
it("does not re-raise after dismiss when removing an unrelated email", () => {
const feed = newFeed();
feed.ingest(confirmationEmail("k1", { links: ["https://x/confirm"] }), {
maxBytes: 1_000_000,
});
feed.ingest(confirmationEmail("k2"), { maxBytes: 1_000_000 });
feed.dismissConfirmation();
feed.removeEmails(["k2"]);
expect(feed.pendingConfirmation).toBe(false);
});
it("clears when the last confirmation email is removed", () => {
const feed = newFeed();
feed.ingest(confirmationEmail("k1", { links: ["https://x/confirm"] }), {
maxBytes: 1_000_000,
});
feed.removeEmails(["k1"]);
expect(feed.pendingConfirmation).toBe(false);
});
});
describe("FeedRepository.load / save round-trip", () => {
it("persists a created feed and reflects later mutations", async () => {
const repo = new FeedRepository(mockEnv().EMAIL_STORAGE);
const created = Feed.create(FID, createInput({ title: "Round" }));
const created = Feed.create(FID, createInput({ title: "Round" }), {
mailboxId: MBOX,
});
await repo.save(created);
const loaded = await repo.load(FID);
expect(loaded).not.toBeNull();
expect(loaded!.title).toBe("Round");
expect(loaded!.mailboxId.value).toBe("a.b.42");
loaded!.ingest(entry({ key: "feed:a.b.42:1" }), { maxBytes: 1_000_000 });
loaded!.ingest(entry({ key: "feed:opaque-feed-id:1" }), {
maxBytes: 1_000_000,
});
await repo.saveMetadata(loaded!);
const reloaded = await repo.load(FID);
expect(reloaded!.emails.map((e) => e.key)).toEqual(["feed:a.b.42:1"]);
expect(reloaded!.emails.map((e) => e.key)).toEqual([
"feed:opaque-feed-id:1",
]);
});
it("returns null when the feed has no config", async () => {
@@ -244,3 +338,76 @@ describe("FeedRepository.load / save round-trip", () => {
expect(await repo.load(FeedId.unchecked("missing"))).toBeNull();
});
});
describe("Feed native feeds", () => {
const nf = (
senderKey: string,
url: string,
type: "rss" | "atom" | "json",
) => ({
maxBytes: 1_000_000_000,
nativeFeeds: { senderKey, feeds: [{ url, type }] },
});
it("stores native feeds and raises the flag on ingest", () => {
const feed = Feed.create(FID, createInput(), { mailboxId: MBOX });
feed.ingest(entry(), nf("a@x.com", "https://x.com/rss", "rss"));
expect(feed.nativeFeeds()).toEqual([
{ url: "https://x.com/rss", type: "rss" },
]);
expect(feed.hasNativeFeed()).toBe(true);
});
it("latest non-empty wins per sender; other senders preserved", () => {
const feed = Feed.create(FID, createInput(), { mailboxId: MBOX });
feed.ingest(
entry({ key: "k1" }),
nf("a@x.com", "https://x.com/old", "rss"),
);
feed.ingest(
entry({ key: "k2" }),
nf("b@y.com", "https://y.com/atom", "atom"),
);
feed.ingest(
entry({ key: "k3" }),
nf("a@x.com", "https://x.com/new", "rss"),
);
expect(feed.nativeFeeds()).toEqual([
{ url: "https://x.com/new", type: "rss" },
{ url: "https://y.com/atom", type: "atom" },
]);
});
it("dismiss hides the notice but keeps URLs; only a new URL re-raises", () => {
const feed = Feed.create(FID, createInput(), { mailboxId: MBOX });
feed.ingest(
entry({ key: "k1" }),
nf("a@x.com", "https://x.com/rss", "rss"),
);
feed.dismissNativeFeed();
expect(feed.hasNativeFeed()).toBe(false);
expect(feed.nativeFeeds()).toHaveLength(1);
feed.ingest(
entry({ key: "k2" }),
nf("a@x.com", "https://x.com/rss", "rss"),
);
expect(feed.hasNativeFeed()).toBe(false); // same URL → stays dismissed
feed.ingest(
entry({ key: "k3" }),
nf("a@x.com", "https://x.com/rss2", "rss"),
);
expect(feed.hasNativeFeed()).toBe(true); // new URL → re-raise
});
it("removeEmails leaves native feeds intact", () => {
const feed = Feed.create(FID, createInput(), { mailboxId: MBOX });
feed.ingest(
entry({ key: "k1" }),
nf("a@x.com", "https://x.com/rss", "rss"),
);
feed.removeEmails(["k1"]);
expect(feed.nativeFeeds()).toEqual([
{ url: "https://x.com/rss", type: "rss" },
]);
});
});
src/domain/feed.aggregate.ts
+92 -2
View File
@@ -1,10 +1,12 @@
import { FeedMetadata, EmailMetadata } from "../types";
import { FeedMetadata, EmailMetadata, NativeFeed } from "../types";
import { FeedState } from "./feed-state";
import { FeedId } from "./value-objects/feed-id";
import { MailboxId } from "./value-objects/mailbox-id";
import { Lifetime } from "./value-objects/lifetime";
import { SenderPolicy, SenderDecision } from "./value-objects/sender-policy";
import { Clock, systemClock } from "./clock";
import { FeedEvent } from "./events";
import { unionNativeFeeds } from "./native-feed";
export interface CreateFeedInput {
title: string;
@@ -12,6 +14,8 @@ export interface CreateFeedInput {
language: string;
allowedSenders: string[];
blockedSenders: string[];
/** When true, render entry titles as `[Sender] Subject` in the feed output. */
senderInTitle?: boolean;
/** Raw client-requested lifetime; the application resolves it into a `Lifetime`. */
lifetimeHours?: number;
}
@@ -22,6 +26,7 @@ export interface UpdateFeedInput {
language?: string;
allowedSenders?: string[];
blockedSenders?: string[];
senderInTitle?: boolean;
lifetimeHours?: number;
}
@@ -32,6 +37,8 @@ export interface UpdateFeedInput {
* applying any server-side `FEED_TTL_HOURS` override — and hands the VO in.
*/
export interface CreateFeedDeps {
/** The feed's inbound mailbox, minted by the application alongside its FeedId. */
mailboxId: MailboxId;
clock?: Clock;
/** Effective lifetime, already resolved by the application. */
lifetime?: Lifetime;
@@ -51,6 +58,8 @@ export interface IngestOptions {
iconDomain?: string;
/** RFC 8058 one-click unsubscribe link, keyed by the sending newsletter. */
unsub?: { senderKey: string; url: string };
/** Native syndication feeds the sender advertised, keyed by sender. */
nativeFeeds?: { senderKey: string; feeds: NativeFeed[] };
}
/**
@@ -82,7 +91,7 @@ export class Feed {
static create(
id: FeedId,
input: CreateFeedInput,
deps: CreateFeedDeps = {},
deps: CreateFeedDeps,
): Feed {
const clock = deps.clock ?? systemClock;
const now = clock.now();
@@ -91,6 +100,8 @@ export class Feed {
title: input.title,
description: input.description,
language: input.language,
mailboxId: deps.mailboxId.value,
senderInTitle: input.senderInTitle,
allowedSenders: input.allowedSenders,
blockedSenders: input.blockedSenders,
createdAt: now,
@@ -130,6 +141,11 @@ export class Feed {
return this._state.language;
}
/** The inbound mailbox (`noun.noun.NN`) — the feed's email address is `mailboxId@domain`. */
get mailboxId(): MailboxId {
return MailboxId.unchecked(this._state.mailboxId);
}
get createdAt(): number {
return this._state.createdAt;
}
@@ -146,6 +162,21 @@ export class Feed {
return this._metadata.iconDomain;
}
/** True while at least one unactioned confirmation email is present. */
get pendingConfirmation(): boolean {
return this._metadata.pendingConfirmation ?? false;
}
/** Discovered native feeds (Atom/RSS/JSON), union across senders, deduped. */
nativeFeeds(): NativeFeed[] {
return unionNativeFeeds(this._metadata.nativeFeeds);
}
/** True when a native feed was discovered and the notice was not dismissed. */
hasNativeFeed(): boolean {
return this.nativeFeeds().length > 0 && !this._metadata.nativeFeedDismissed;
}
allowedSenders(): string[] {
return [...this._state.allowedSenders];
}
@@ -203,6 +234,30 @@ export class Feed {
).decide(senders);
}
/**
* Check whether the email index already contains a duplicate of the incoming
* email. Dedup uses `messageId` as the primary key (when both sides have one)
* and falls back to `dedupHash` (SHA-256 of normalised subject+content).
* Old entries that predate the feature and carry neither field are never
* matched — they cannot cause false positives.
*/
hasDuplicate(messageId?: string, dedupHash?: string): boolean {
for (const entry of this._metadata.emails) {
if (messageId && entry.messageId && entry.messageId === messageId) {
return true;
}
if (
!messageId &&
dedupHash &&
entry.dedupHash &&
entry.dedupHash === dedupHash
) {
return true;
}
}
return false;
}
/**
* Add an email to the front of the index, refresh the icon domain and the
* per-sender unsubscribe link, then trim the oldest entries back under the
@@ -225,6 +280,23 @@ export class Feed {
};
}
if (entry.confirmation) {
this._metadata.pendingConfirmation = true;
}
if (opts.nativeFeeds && opts.nativeFeeds.feeds.length > 0) {
const known = new Set(this.nativeFeeds().map((f) => f.url));
this._metadata.nativeFeeds = {
...(this._metadata.nativeFeeds ?? {}),
[opts.nativeFeeds.senderKey]: opts.nativeFeeds.feeds,
};
// Re-raise the notice only when a genuinely new URL appears, so a dismiss
// survives the same feed being re-advertised on every subsequent email.
if (opts.nativeFeeds.feeds.some((f) => !known.has(f.url))) {
this._metadata.nativeFeedDismissed = false;
}
}
this._events.push({
type: "EmailIngested",
feedId: this.id,
@@ -262,9 +334,24 @@ export class Feed {
(target.has(entry.key) ? removed : kept).push(entry);
}
this._metadata.emails = kept;
// Lower-only: clear when no confirmation email remains. Never re-raise here,
// so an admin "dismiss" survives deletion of unrelated emails.
if (!kept.some((e) => e.confirmation)) {
this._metadata.pendingConfirmation = false;
}
return { removed };
}
/** Mark the pending confirmation as handled — "stop reminding me". */
dismissConfirmation(): void {
this._metadata.pendingConfirmation = false;
}
/** Mark the native-feed notice as handled — "stop reminding me". */
dismissNativeFeed(): void {
this._metadata.nativeFeedDismissed = true;
}
/**
* The single edit path. Apply the patch (only the fields it carries) and
* recompute expiry when the application supplies a `Lifetime` — an absent
@@ -289,6 +376,9 @@ export class Feed {
this._state.description = patch.description;
}
if (patch.language !== undefined) this._state.language = patch.language;
if (patch.senderInTitle !== undefined) {
this._state.senderInTitle = patch.senderInTitle;
}
if (patch.allowedSenders !== undefined) {
this._state.allowedSenders = patch.allowedSenders;
}
src/domain/native-feed.test.ts
+65
View File
@@ -0,0 +1,65 @@
import { describe, it, expect } from "vitest";
import { detectNativeFeeds, unionNativeFeeds } from "./native-feed";
describe("detectNativeFeeds", () => {
it("maps the three canonical MIME types to kinds", () => {
expect(
detectNativeFeeds([
{ href: "https://x.com/atom", type: "application/atom+xml" },
{ href: "https://x.com/rss", type: "application/rss+xml" },
{ href: "https://x.com/json", type: "application/feed+json" },
]),
).toEqual([
{ url: "https://x.com/atom", type: "atom" },
{ url: "https://x.com/rss", type: "rss" },
{ url: "https://x.com/json", type: "json" },
]);
});
it("ignores unknown MIME types (application/json, text/html)", () => {
expect(
detectNativeFeeds([
{ href: "https://x.com/api", type: "application/json" },
{ href: "https://x.com/", type: "text/html" },
]),
).toEqual([]);
});
it("strips MIME parameters and is case-insensitive", () => {
expect(
detectNativeFeeds([
{ href: "https://x.com/f", type: "Application/RSS+XML; charset=utf-8" },
]),
).toEqual([{ url: "https://x.com/f", type: "rss" }]);
});
it("dedupes by URL (first kind wins)", () => {
expect(
detectNativeFeeds([
{ href: "https://x.com/f", type: "application/rss+xml" },
{ href: "https://x.com/f", type: "application/atom+xml" },
]),
).toEqual([{ url: "https://x.com/f", type: "rss" }]);
});
});
describe("unionNativeFeeds", () => {
it("returns [] for undefined", () => {
expect(unionNativeFeeds(undefined)).toEqual([]);
});
it("unions across senders, deduping by URL", () => {
expect(
unionNativeFeeds({
"a@x.com": [{ url: "https://x.com/rss", type: "rss" }],
"b@y.com": [
{ url: "https://x.com/rss", type: "rss" },
{ url: "https://y.com/atom", type: "atom" },
],
}),
).toEqual([
{ url: "https://x.com/rss", type: "rss" },
{ url: "https://y.com/atom", type: "atom" },
]);
});
});
src/domain/native-feed.ts
+54
View File
@@ -0,0 +1,54 @@
/**
* Pure detection of a newsletter's own syndication feed. No DOM, no I/O — it
* receives already-extracted <link> tuples (infra parses the HTML) and decides
* which ones are real feeds. This module owns the business knowledge: the strict
* set of recognized feed MIME types.
*/
import { NativeFeed } from "../types";
// MIME type → feed kind. Strict: only the three canonical syndication types.
// `application/json` is deliberately excluded — too broad, captures non-feeds.
const MIME_TO_KIND: Record<string, NativeFeed["type"]> = {
"application/atom+xml": "atom",
"application/rss+xml": "rss",
"application/feed+json": "json",
};
// Drop MIME parameters ("; charset=…"), trim, lowercase.
function normalizeMime(type: string): string {
return type.split(";")[0].trim().toLowerCase();
}
/** Map raw <link> tuples to recognized native feeds, deduped by URL. */
export function detectNativeFeeds(
links: { href: string; type: string }[],
): NativeFeed[] {
const out: NativeFeed[] = [];
const seen = new Set<string>();
for (const link of links) {
const kind = MIME_TO_KIND[normalizeMime(link.type)];
if (!kind) continue;
const url = link.href.trim();
if (!url || seen.has(url)) continue;
seen.add(url);
out.push({ url, type: kind });
}
return out;
}
/** Flatten per-sender native feeds into one list, deduped by URL (first wins). */
export function unionNativeFeeds(
bySender: Record<string, NativeFeed[]> | undefined,
): NativeFeed[] {
if (!bySender) return [];
const out: NativeFeed[] = [];
const seen = new Set<string>();
for (const feeds of Object.values(bySender)) {
for (const feed of feeds) {
if (seen.has(feed.url)) continue;
seen.add(feed.url);
out.push({ ...feed });
}
}
return out;
}
src/domain/value-objects/email-address.test.ts
+16
View File
@@ -30,4 +30,20 @@ describe("EmailAddress", () => {
"https://example.com/",
);
});
it("captures the display name verbatim from a display form", () => {
const email = EmailAddress.parse("Alice B <Alice@Example.com>")!;
expect(email.displayName).toBe("Alice B");
expect(email.label()).toBe("Alice B");
});
it("has no display name for a bare address and labels by the address", () => {
const email = EmailAddress.parse("Bob@Example.com")!;
expect(email.displayName).toBeUndefined();
expect(email.label()).toBe("bob@example.com");
});
it("falls back to the address as the label when the display name is empty", () => {
expect(EmailAddress.parse("<a@b.com>")?.label()).toBe("a@b.com");
});
});
src/domain/value-objects/email-address.ts
+16 -2
View File
@@ -3,12 +3,16 @@ import { Domain } from "./domain";
/**
* A normalised email address. `parse` accepts a bare address (`a@b.com`) or a
* display form (`Name <a@b.com>`), lowercasing the local part and normalising
* the domain. Returns null when no plausible address can be found.
* the domain. When the input carries a display name it is captured (verbatim,
* not normalised — names are case-sensitive). Returns null when no plausible
* address can be found.
*/
export class EmailAddress {
private constructor(
readonly normalized: string,
readonly domain: Domain,
/** The sender's display name from a `Name <addr>` input, if any. */
readonly displayName?: string,
) {}
static parse(raw: string): EmailAddress | null {
@@ -17,7 +21,17 @@ export class EmailAddress {
const domain = Domain.parse(match[2]);
if (!domain) return null;
const local = match[1].trim().toLowerCase();
return new EmailAddress(`${local}@${domain.value}`, domain);
const displayName =
raw.match(/^\s*(.+?)\s*<[^>]+>\s*$/)?.[1].trim() || undefined;
return new EmailAddress(`${local}@${domain.value}`, domain, displayName);
}
/**
* The best human-readable label for this sender: the display name when the
* address came in `Name <addr>` form, else the normalised address.
*/
label(): string {
return this.displayName ?? this.normalized;
}
/**
src/domain/value-objects/feed-id.test.ts
+17 -26
View File
@@ -1,36 +1,27 @@
import { describe, it, expect } from "vitest";
import { FeedId } from "./feed-id";
describe("FeedId.parse", () => {
it("extracts the feed id from an inbound address", () => {
expect(FeedId.parse("river.castle.42@example.com")?.value).toBe(
"river.castle.42",
);
});
it("preserves the original casing of the local part", () => {
expect(FeedId.parse("River.Castle.42@example.com")?.value).toBe(
"River.Castle.42",
);
});
it("rejects malformed feed ids", () => {
expect(FeedId.parse("user@example.com")).toBeNull();
expect(FeedId.parse("notanemail")).toBeNull();
expect(FeedId.parse("river.castle.4@example.com")).toBeNull();
expect(FeedId.parse("river.castle.123@example.com")).toBeNull();
});
});
describe("FeedId.generate", () => {
it("produces the noun.noun.NN format", () => {
it("produces an opaque base64url token", () => {
for (let i = 0; i < 50; i++) {
expect(FeedId.generate().value).toMatch(/^[a-z]+\.[a-z]+\.\d{2}$/);
expect(FeedId.generate().value).toMatch(/^[A-Za-z0-9_-]{22}$/);
}
});
it("round-trips through parse from an address", () => {
const id = FeedId.generate();
expect(FeedId.parse(`${id.value}@example.com`)?.value).toBe(id.value);
it("is unguessable: 50 ids are all distinct", () => {
const ids = new Set(
Array.from({ length: 50 }, () => FeedId.generate().value),
);
expect(ids.size).toBe(50);
});
it("does not produce the legacy noun.noun.NN format", () => {
expect(FeedId.generate().value).not.toMatch(/^[a-z]+\.[a-z]+\.\d{2}$/);
});
});
describe("FeedId.unchecked", () => {
it("wraps a value without validation", () => {
expect(FeedId.unchecked("anything").value).toBe("anything");
});
});
src/domain/value-objects/feed-id.ts
+23 -19
View File
@@ -1,37 +1,41 @@
import { nouns } from "../../data/nouns";
// Feed IDs are noun1.noun2.XY (two lowercase nouns + a 2-digit suffix).
const FEED_ID_IN_ADDRESS = /^([a-z]+\.[a-z]+\.\d{2})@/i;
/** Encode bytes as unpadded base64url (URL- and KV-key-safe). */
function base64url(bytes: Uint8Array): string {
let binary = "";
for (const b of bytes) binary += String.fromCharCode(b);
return btoa(binary)
.replace(/\+/g, "-")
.replace(/\//g, "_")
.replace(/=+$/, "");
}
/**
* A feed identifier. `parse` pulls it from the local part of an inbound email
* address; `generate` mints a fresh one. The original casing is preserved.
* A feed's identity: the KV storage key AND the public read id in `/rss/:feedId`
* etc. It is an opaque, high-entropy random token — unguessable, so a feed's read
* URL can be shared without revealing its inbound address (the `MailboxId`, a
* separate value that resolves here via the `inbound:` index at reception).
*
* `generate` mints a fresh token; `unchecked` wraps a route param or stored key
* without revalidation (a wrong id simply misses in KV and 404s downstream).
*/
export class FeedId {
private constructor(readonly value: string) {}
/** Extract the feed id from an inbound address (`noun.noun.NN@domain`). */
static parse(emailAddress: string): FeedId | null {
const match = emailAddress.match(FEED_ID_IN_ADDRESS);
return match ? new FeedId(match[1]) : null;
}
/**
* Wrap a string as a FeedId WITHOUT revalidating it. The caller asserts the id
* originated from our own minting — a route param echoing a stored id, a
* `feeds:list` entry, or an email/KV key. The name is deliberately blunt: a
* wrong id is not rejected here, it simply misses in KV and 404s downstream.
* Untrusted external input (an inbound address) must go through `parse` instead.
* `feeds:list` entry, an `inbound:` index value, or a KV key. The name is
* deliberately blunt: a wrong id is not rejected here, it simply misses in KV
* and 404s downstream.
*/
static unchecked(value: string): FeedId {
return new FeedId(value);
}
/** Mint a fresh, opaque identity (128 bits of entropy → 22 base64url chars). */
static generate(): FeedId {
const noun1 = nouns[Math.floor(Math.random() * nouns.length)];
const noun2 = nouns[Math.floor(Math.random() * nouns.length)];
const number = Math.floor(Math.random() * 90) + 10;
return new FeedId(`${noun1}.${noun2}.${number}`);
const bytes = new Uint8Array(16);
crypto.getRandomValues(bytes);
return new FeedId(base64url(bytes));
}
toString(): string {
src/domain/value-objects/mailbox-id.test.ts
+50
View File
@@ -0,0 +1,50 @@
import { describe, it, expect } from "vitest";
import { MailboxId } from "./mailbox-id";
describe("MailboxId.parse", () => {
it("extracts the mailbox id from an inbound address", () => {
expect(MailboxId.parse("river.castle.42@example.com")?.value).toBe(
"river.castle.42",
);
});
it("preserves the original casing of the local part", () => {
expect(MailboxId.parse("River.Castle.42@example.com")?.value).toBe(
"River.Castle.42",
);
});
it("rejects malformed mailbox ids", () => {
expect(MailboxId.parse("user@example.com")).toBeNull();
expect(MailboxId.parse("notanemail")).toBeNull();
expect(MailboxId.parse("river.castle.4@example.com")).toBeNull();
expect(MailboxId.parse("river.castle.123@example.com")).toBeNull();
});
});
describe("MailboxId.generate", () => {
it("produces the noun.noun.NN format", () => {
for (let i = 0; i < 50; i++) {
expect(MailboxId.generate().value).toMatch(/^[a-z]+\.[a-z]+\.\d{2}$/);
}
});
it("round-trips through parse from an address", () => {
const id = MailboxId.generate();
expect(MailboxId.parse(`${id.value}@example.com`)?.value).toBe(id.value);
});
});
describe("MailboxId.unchecked", () => {
it("wraps a value without validation", () => {
expect(MailboxId.unchecked("anything").value).toBe("anything");
});
});
describe("MailboxId.emailAddress", () => {
it("builds the full inbound address from the mailbox and a domain", () => {
expect(
MailboxId.unchecked("river.castle.42").emailAddress("news.app"),
).toBe("river.castle.42@news.app");
});
});
src/domain/value-objects/mailbox-id.ts
+49
View File
@@ -0,0 +1,49 @@
import { nouns } from "../../data/nouns";
// Inbound mailbox ids are noun1.noun2.XY (two lowercase nouns + a 2-digit suffix).
const MAILBOX_IN_ADDRESS = /^([a-z]+\.[a-z]+\.\d{2})@/i;
/**
* A feed's inbound mailbox identifier — the friendly `noun.noun.NN` local part of
* the address newsletters are sent to (`<mailboxId>@domain`). It is deliberately
* NOT the feed's identity: a `MailboxId` resolves to a `FeedId` through the
* `inbound:` index at reception, so the public read URL (the opaque `FeedId`) and
* the inbound address stay decoupled.
*
* `parse` pulls it from an untrusted inbound address (the most untrusted input in
* the system); `generate` mints a fresh one. The original casing is preserved.
*/
export class MailboxId {
private constructor(readonly value: string) {}
/** Extract the mailbox id from an inbound address (`noun.noun.NN@domain`). */
static parse(emailAddress: string): MailboxId | null {
const match = emailAddress.match(MAILBOX_IN_ADDRESS);
return match ? new MailboxId(match[1]) : null;
}
/**
* Wrap a string as a MailboxId WITHOUT revalidating it. The caller asserts the
* value originated from our own minting (a stored `mailbox_id`). Untrusted
* external input (an inbound address) must go through `parse` instead.
*/
static unchecked(value: string): MailboxId {
return new MailboxId(value);
}
static generate(): MailboxId {
const noun1 = nouns[Math.floor(Math.random() * nouns.length)];
const noun2 = nouns[Math.floor(Math.random() * nouns.length)];
const number = Math.floor(Math.random() * 90) + 10;
return new MailboxId(`${noun1}.${noun2}.${number}`);
}
/** The full inbound email address (`<mailboxId>@<domain>`) newsletters target. */
emailAddress(domain: string): string {
return `${this.value}@${domain}`;
}
toString(): string {
return this.value;
}
}
src/index.test.ts
+54
View File
@@ -1,10 +1,20 @@
import { describe, it, expect } from "vitest";
import worker from "./index";
import { APP_VERSION } from "./config/version";
import { createMockEnv } from "./test/setup";
import { createFeedRecord } from "./application/feed-service";
import { FeedRepository } from "./infrastructure/feed-repository";
import { FeedId } from "./domain/value-objects/feed-id";
import { MailboxId } from "./domain/value-objects/mailbox-id";
import type { Env } from "./types";
const env = createMockEnv();
const noopCtx = {
waitUntil: () => {},
passThroughOnException: () => {},
} as unknown as ExecutionContext;
function req(path: string, init: RequestInit = {}): Request {
return new Request(`https://test.getmynews.app${path}`, init);
}
@@ -55,6 +65,50 @@ describe("CORS middleware", () => {
});
});
describe("scheduled (cron) TTL cleanup", () => {
it("drops the inbound mailbox index when an expired feed is purged", async () => {
const cronEnv = createMockEnv() as unknown as Env;
const { feedId, mailboxId } = await createFeedRecord(cronEnv, {
title: "Expiring",
language: "en",
allowedSenders: [],
blockedSenders: [],
});
const repo = FeedRepository.from(cronEnv);
// The address resolves to the feed before the cron runs.
expect(
(await repo.resolveInbound(MailboxId.unchecked(mailboxId)))?.value,
).toBe(feedId);
// Backdate the feed so the cron treats it as expired.
const list = (await cronEnv.EMAIL_STORAGE.get("feeds:list", "json")) as {
feeds: Array<{ id: string; expires_at?: number; mailbox_id?: string }>;
};
list.feeds[0].expires_at = Date.now() - 1000;
await cronEnv.EMAIL_STORAGE.put("feeds:list", JSON.stringify(list));
await worker.scheduled({} as ScheduledEvent, cronEnv, noopCtx);
// The feed is gone AND its inbound address no longer resolves.
expect(await repo.getConfig(FeedId.unchecked(feedId))).toBeNull();
expect(
await repo.resolveInbound(MailboxId.unchecked(mailboxId)),
).toBeNull();
});
});
describe("GET /health", () => {
it("reports status ok and the bundled app version", async () => {
const res = await worker.fetch(req("/health"), env as unknown as Env);
expect(res.status).toBe(200);
const body = (await res.json()) as { status: string; version: string };
expect(body.status).toBe("ok");
expect(body.version).toBe(APP_VERSION);
expect(body.version).toMatch(/^\d+\.\d+\.\d+/);
});
});
describe("GET /robots.txt", () => {
it("returns 200 and disallows the private feed/entry paths", async () => {
const res = await worker.fetch(req("/robots.txt"), env as unknown as Env);
src/index.ts
+11 -1
View File
@@ -3,6 +3,7 @@ import { cors } from "hono/cors";
import { handle as handleInbound } from "./routes/inbound";
import { handle as handleRSS } from "./routes/rss";
import { handle as handleAtom } from "./routes/atom";
import { handle as handleJSON } from "./routes/json";
import { handle as handleAdmin } from "./routes/admin";
import { handle as handleEntry } from "./routes/entries";
import { handle as handleFiles } from "./routes/files";
@@ -12,6 +13,7 @@ import { hubRouter } from "./routes/hub";
import { apiApp } from "./routes/api";
import { handleCloudflareEmail } from "./infrastructure/cloudflare-email";
import { Env } from "./types";
import { APP_VERSION } from "./config/version";
import { logger } from "./infrastructure/logger";
import { FeedRepository } from "./infrastructure/feed-repository";
import { purgeExpiredFeeds } from "./application/feed-cleanup";
@@ -116,6 +118,7 @@ app.use(
const api = new Hono<AppEnv>();
const rss = new Hono<AppEnv>();
const atom = new Hono<AppEnv>();
const json = new Hono<AppEnv>();
const entries = new Hono<AppEnv>();
const files = new Hono<AppEnv>();
const admin = new Hono<AppEnv>();
@@ -151,6 +154,9 @@ rss.get("/:feedId", handleRSS);
// Atom feed routes (public)
atom.get("/:feedId", handleAtom);
// JSON Feed routes (public)
json.get("/:feedId", handleJSON);
// Email entry HTML view (public)
entries.get("/:feedId/:entryId", handleEntry);
@@ -166,6 +172,7 @@ app.route("/api", api);
app.route("/api", apiApp);
app.route("/rss", rss);
app.route("/atom", atom);
app.route("/json", json);
app.route("/entries", entries);
app.route("/files", files);
app.route("/admin", admin);
@@ -179,7 +186,9 @@ app.get("/favicon.ico", handleFavicon); // readers/browsers that hardcode .ico
app.get("/favicon/:feedId", handleFeedFavicon);
// Health check endpoint for monitoring
app.get("/health", (c) => c.json({ status: "ok", timestamp: Date.now() }));
app.get("/health", (c) =>
c.json({ status: "ok", version: APP_VERSION, timestamp: Date.now() }),
);
// Public status page (counters + link to admin)
app.get("/", handleHome);
@@ -222,6 +231,7 @@ export default {
);
}
if (expiredIds.length > 0) {
// removeFromListBulk also drops each feed's inbound mailbox index.
await repo.removeFromListBulk(expiredIds);
await bumpCounters(env.EMAIL_STORAGE, {
feeds_deleted: expiredIds.length,
src/infrastructure/cloudflare-email.test.ts
+3 -2
View File
@@ -1,6 +1,6 @@
import { describe, it, expect, beforeEach } from "vitest";
import "../test/setup";
import { createMockEnv } from "../test/setup";
import { createMockEnv, seedInboundIndex } from "../test/setup";
import { handleCloudflareEmail } from "./cloudflare-email";
import { getCounters } from "../application/stats";
@@ -62,8 +62,9 @@ const FALLBACK = "fallback@personal.example";
describe("handleCloudflareEmail", () => {
let env: ReturnType<typeof createMockEnv>;
beforeEach(() => {
beforeEach(async () => {
env = createMockEnv();
await seedInboundIndex(env, VALID_FEED_ID);
});
it("stores email in KV when feed exists", async () => {
src/infrastructure/cloudflare-email.ts
+1
View File
@@ -68,6 +68,7 @@ export async function handleCloudflareEmail(
// dropped so a real newsletter never leaks into the fallback inbox.
const FORWARDABLE_REASONS = new Set<IngestRejectionReason>([
"invalid_address",
"mailbox_unknown",
"feed_not_found",
]);
src/infrastructure/counters-repository.test.ts
+1
View File
@@ -15,6 +15,7 @@ describe("CountersRepository", () => {
emails_received: 2,
emails_rejected: 0,
emails_forwarded: 0,
emails_deduplicated: 0,
unsubscribes_sent: 0,
});
expect(await repo.getRaw()).toMatchObject({ emails_received: 2 });
src/infrastructure/feed-generator.test.ts
+38 -4
View File
@@ -10,6 +10,7 @@ const mockFeedConfig: FeedConfig = {
title: "Test Newsletter",
description: "A test feed",
language: "en",
mailbox_id: "test.news.42",
created_at: 1700000000000,
};
@@ -146,14 +147,46 @@ describe("generateRssFeed", () => {
expect(result).not.toContain("<item>");
});
it("feed link points to admin emails page", () => {
it("leaves the item title unprefixed by default", () => {
const result = generateRssFeed(
mockFeedConfig,
mockEmails,
BASE_URL,
FEED_ID,
);
expect(result).toContain(`${BASE_URL}/admin/feeds/${FEED_ID}/emails`);
expect(result).toContain("Hello World");
expect(result).not.toContain("[Alice]");
});
it("prefixes the item title with the sender when sender_in_title is set", () => {
const result = generateRssFeed(
{ ...mockFeedConfig, sender_in_title: true },
mockEmails,
BASE_URL,
FEED_ID,
);
expect(result).toContain("[Alice] Hello World");
});
it("falls back to the email address when the sender has no display name", () => {
const result = generateRssFeed(
{ ...mockFeedConfig, sender_in_title: true },
[{ ...mockEmails[0], from: "bob@example.com" }],
BASE_URL,
FEED_ID,
);
expect(result).toContain("[bob@example.com] Hello World");
});
it("feed link points to the public read URL, never an admin path", () => {
const result = generateRssFeed(
mockFeedConfig,
mockEmails,
BASE_URL,
FEED_ID,
);
expect(result).toContain(`<link>${BASE_URL}/rss/${FEED_ID}</link>`);
expect(result).not.toContain("/admin/");
});
it("strips html/head/body wrapper from item description", () => {
@@ -263,14 +296,15 @@ describe("generateAtomFeed", () => {
expect(result).not.toContain("<entry>");
});
it("feed link points to admin emails page", () => {
it("feed link points to the public read URL, never an admin path", () => {
const result = generateAtomFeed(
mockFeedConfig,
mockEmails,
BASE_URL,
FEED_ID,
);
expect(result).toContain(`${BASE_URL}/admin/feeds/${FEED_ID}/emails`);
expect(result).toContain(`${BASE_URL}/rss/${FEED_ID}`);
expect(result).not.toContain("/admin/");
});
it("strips html/head/body wrapper from entry content", () => {
src/infrastructure/feed-generator.ts
+35 -19
View File
@@ -2,6 +2,7 @@ import { Feed } from "feed";
import { FeedConfig, EmailData } from "../types";
import { processEmailContent, htmlToText } from "./html-processor";
import { EmailAddress } from "../domain/value-objects/email-address";
import { entryPath } from "./urls";
export { processEmailContent as extractBodyContent };
@@ -13,24 +14,12 @@ function stripInvalidXmlChars(xml: string): string {
return xml.replace(/[^\x09\x0A\x0D\x20--\u{10000}-\u{10FFFF}]/gu, "");
}
function parseFromAddress(from: string): { name: string; email?: string } {
const match = from.match(/^(.*?)\s*<([^>]+)>\s*$/);
if (match) {
return { name: match[1].trim() || match[2], email: match[2].trim() };
}
const emailOnly = from.match(/^[^\s@]+@[^\s@]+\.[^\s@]+$/);
if (emailOnly) {
return { email: from.trim(), name: from.trim() };
}
return { name: from.trim() };
}
function buildFeed(
feedConfig: FeedConfig,
emails: EmailData[],
baseUrl: string,
feedId: string,
selfUrl?: { rss?: string; atom?: string },
selfUrl?: { rss?: string; atom?: string; json?: string },
): Feed {
const iconUrl = `${baseUrl}/favicon/${feedId}`;
const feed = new Feed({
@@ -43,8 +32,9 @@ function buildFeed(
// Computed dynamically so the id is always canonical regardless of what
// was stored in KV at feed-creation time (which may have used a stale domain).
id: `${baseUrl}/rss/${feedId}`,
// Link points to the admin emails page — the "website" this feed represents.
link: `${baseUrl}/admin/feeds/${feedId}/emails`,
// Public "website" for this feed: its own read URL (never the inbound address
// or an auth-gated admin path, so the feed output leaks neither).
link: `${baseUrl}/rss/${feedId}`,
language: feedConfig.language,
updated: new Date(),
generator: "kill-the-news",
@@ -52,6 +42,7 @@ function buildFeed(
feedLinks: {
rss: selfUrl?.rss ?? `${baseUrl}/rss/${feedId}`,
atom: selfUrl?.atom ?? `${baseUrl}/atom/${feedId}`,
json: selfUrl?.json ?? `${baseUrl}/json/${feedId}`,
},
author: feedConfig.author
? {
@@ -62,22 +53,31 @@ function buildFeed(
});
for (const email of emails) {
const entryUrl = `${baseUrl}/entries/${feedId}/${email.receivedAt}`;
const entryUrl = `${baseUrl}${entryPath(feedId, email.receivedAt)}`;
// Inline images are rendered in the body, not surfaced as an enclosure.
const firstAttachment = email.attachments?.find((a) => !a.inline);
const sender = EmailAddress.parse(email.from);
const senderLabel = sender?.label() ?? email.from.trim();
const bodyContent = processEmailContent(
email.content,
email.attachments,
baseUrl,
EmailAddress.parse(email.from)?.siteBaseUrl() ?? "",
sender?.siteBaseUrl() ?? "",
);
const subject = htmlToText(email.subject);
feed.addItem({
title: htmlToText(email.subject),
title: feedConfig.sender_in_title
? `[${senderLabel}] ${subject}`
: subject,
id: entryUrl,
link: entryUrl,
description: bodyContent,
content: bodyContent,
author: [parseFromAddress(email.from)],
author: [
sender
? { name: senderLabel, email: sender.normalized }
: { name: senderLabel },
],
date: new Date(email.receivedAt),
enclosure: firstAttachment
? {
@@ -127,3 +127,19 @@ export function generateAtomFeed(
).atom1(),
);
}
export function generateJsonFeed(
feedConfig: FeedConfig,
emails: EmailData[],
baseUrl: string,
feedId: string,
selfUrl?: string,
): string {
return buildFeed(
feedConfig,
emails,
baseUrl,
feedId,
selfUrl ? { json: selfUrl } : undefined,
).json1();
}
src/infrastructure/feed-mapper.test.ts
+16
View File
@@ -7,6 +7,7 @@ const fullConfig: FeedConfig = {
title: "News",
description: "desc",
language: "en",
mailbox_id: "a.b.42",
author: "Jane",
allowed_senders: ["a@x.com"],
blocked_senders: ["b@y.com"],
@@ -24,6 +25,7 @@ describe("feed-mapper", () => {
const state = fromConfigDTO({
title: "T",
language: "en",
mailbox_id: "t.t.42",
created_at: 1,
});
expect(state.allowedSenders).toEqual([]);
@@ -39,7 +41,21 @@ describe("feed-mapper", () => {
id: "a.b.42",
title: "News",
description: "desc",
mailbox_id: "a.b.42",
expires_at: 3000,
pendingConfirmation: false,
hasNativeFeed: false,
});
});
it("projects hasNativeFeed when passed", () => {
const item = toListItemDTO(
FeedId.unchecked("a.b.42"),
fromConfigDTO(fullConfig),
true,
true,
);
expect(item.pendingConfirmation).toBe(true);
expect(item.hasNativeFeed).toBe(true);
});
});
src/infrastructure/feed-mapper.ts
+13 -1
View File
@@ -16,7 +16,9 @@ export function fromConfigDTO(dto: FeedConfig): FeedState {
title: dto.title,
description: dto.description,
language: dto.language,
mailboxId: dto.mailbox_id,
author: dto.author,
senderInTitle: dto.sender_in_title,
allowedSenders: dto.allowed_senders ?? [],
blockedSenders: dto.blocked_senders ?? [],
createdAt: dto.created_at,
@@ -31,7 +33,9 @@ export function toConfigDTO(state: FeedState): FeedConfig {
title: state.title,
description: state.description,
language: state.language,
mailbox_id: state.mailboxId,
author: state.author,
sender_in_title: state.senderInTitle,
allowed_senders: state.allowedSenders,
blocked_senders: state.blockedSenders,
created_at: state.createdAt,
@@ -41,11 +45,19 @@ export function toConfigDTO(state: FeedState): FeedConfig {
}
/** Domain state → the projection cached in the global `feeds:list` registry. */
export function toListItemDTO(id: FeedId, state: FeedState): FeedListItem {
export function toListItemDTO(
id: FeedId,
state: FeedState,
pendingConfirmation = false,
hasNativeFeed = false,
): FeedListItem {
return {
id: id.value,
title: state.title,
description: state.description,
mailbox_id: state.mailboxId,
expires_at: state.expiresAt,
pendingConfirmation,
hasNativeFeed,
};
}
src/infrastructure/feed-repository.test.ts
+125
View File
@@ -3,6 +3,7 @@ import { createMockEnv } from "../test/setup";
import { FeedRepository } from "./feed-repository";
import { Feed } from "../domain/feed.aggregate";
import { FeedId } from "../domain/value-objects/feed-id";
import { MailboxId } from "../domain/value-objects/mailbox-id";
import type { Env, FeedConfig, FeedMetadata, EmailData } from "../types";
const mockEnv = () => createMockEnv() as unknown as Env;
@@ -11,6 +12,7 @@ const fid = (value: string) => FeedId.unchecked(value);
const sampleConfig = (overrides: Partial<FeedConfig> = {}): FeedConfig => ({
title: "Test Feed",
language: "en",
mailbox_id: "test.feed.42",
created_at: 1000,
...overrides,
});
@@ -46,6 +48,44 @@ describe("FeedRepository key schema", () => {
});
});
describe("FeedRepository inbound index", () => {
const mbox = (v: string) => MailboxId.unchecked(v);
it("resolves a mailbox to its feed id and back to null after delete", async () => {
const repo = new FeedRepository(mockEnv().EMAIL_STORAGE);
expect(await repo.resolveInbound(mbox("river.castle.42"))).toBeNull();
await repo.putInboundIndex(mbox("river.castle.42"), fid("opaque-id-1"));
expect((await repo.resolveInbound(mbox("river.castle.42")))?.value).toBe(
"opaque-id-1",
);
await repo.deleteInboundIndex(mbox("river.castle.42"));
expect(await repo.resolveInbound(mbox("river.castle.42"))).toBeNull();
});
it("save() writes the inbound index from the aggregate's mailbox", async () => {
const repo = new FeedRepository(mockEnv().EMAIL_STORAGE);
await repo.save(
Feed.reconstitute(
fid("opaque-id-2"),
{
title: "T",
language: "en",
mailboxId: "lake.tower.77",
allowedSenders: [],
blockedSenders: [],
createdAt: 1000,
},
{ emails: [] },
),
);
expect((await repo.resolveInbound(mbox("lake.tower.77")))?.value).toBe(
"opaque-id-2",
);
});
});
describe("FeedRepository config & metadata", () => {
it("round-trips and deletes a feed config", async () => {
const repo = new FeedRepository(mockEnv().EMAIL_STORAGE);
@@ -106,6 +146,7 @@ describe("FeedRepository feed list", () => {
{
title,
language: "en",
mailboxId: `${id}.mbox`,
allowedSenders: [],
blockedSenders: [],
createdAt: 1000,
@@ -153,4 +194,88 @@ describe("FeedRepository feed list", () => {
expect(removed.sort()).toEqual(["a.b.42", "e.f.10"]);
expect((await repo.listFeeds()).map((f) => f.id)).toEqual(["c.d.99"]);
});
it("drops each removed feed's inbound index (symmetric with save)", async () => {
const repo = new FeedRepository(mockEnv().EMAIL_STORAGE);
const mbox = (v: string) => MailboxId.unchecked(v);
await repo.save(feedWith("a.b.42", "One"));
await repo.save(feedWith("c.d.99", "Two"));
// Both addresses resolve before removal.
expect(await repo.resolveInbound(mbox("a.b.42.mbox"))).not.toBeNull();
expect(await repo.resolveInbound(mbox("c.d.99.mbox"))).not.toBeNull();
await repo.removeFromListBulk(["a.b.42"]);
// The removed feed's address stops resolving; the survivor's still does.
expect(await repo.resolveInbound(mbox("a.b.42.mbox"))).toBeNull();
expect((await repo.resolveInbound(mbox("c.d.99.mbox")))?.value).toBe(
"c.d.99",
);
});
});
describe("FeedRepository pendingConfirmation projection", () => {
function makeFeed(): Feed {
return Feed.create(
FeedId.generate(),
{
title: "T",
description: "",
language: "en",
allowedSenders: [],
blockedSenders: [],
},
{ mailboxId: MailboxId.unchecked("alpha.beta.11") },
);
}
it("saveMetadata projects pendingConfirmation into feeds:list", async () => {
const repo = new FeedRepository(mockEnv().EMAIL_STORAGE);
const feed = makeFeed();
await repo.save(feed);
feed.ingest(
{
key: "k1",
subject: "s",
receivedAt: Date.now(),
size: 10,
confirmation: { links: ["https://x/confirm"] },
},
{ maxBytes: 1_000_000 },
);
await repo.saveMetadata(feed);
const list = await repo.listFeeds();
const entry = list.find((f) => f.id === feed.id.value);
expect(entry?.pendingConfirmation).toBe(true);
});
it("saveMetadata clears the projected flag after dismiss", async () => {
const repo = new FeedRepository(mockEnv().EMAIL_STORAGE);
const feed = makeFeed();
feed.ingest(
{
key: "k1",
subject: "s",
receivedAt: Date.now(),
size: 10,
confirmation: { links: ["https://x/confirm"] },
},
{ maxBytes: 1_000_000 },
);
await repo.save(feed);
expect(
(await repo.listFeeds()).find((f) => f.id === feed.id.value)
?.pendingConfirmation,
).toBe(true);
feed.dismissConfirmation();
await repo.saveMetadata(feed);
expect(
(await repo.listFeeds()).find((f) => f.id === feed.id.value)
?.pendingConfirmation,
).toBe(false);
});
});
src/infrastructure/feed-repository.ts
+67 -5
View File
@@ -10,6 +10,7 @@ import { FEEDS_LIST_KEY } from "../config/constants";
import { feedKeys } from "../domain/feed-keys";
import { Feed } from "../domain/feed.aggregate";
import { FeedId } from "../domain/value-objects/feed-id";
import { MailboxId } from "../domain/value-objects/mailbox-id";
import { fromConfigDTO, toConfigDTO, toListItemDTO } from "./feed-mapper";
import { logger } from "./logger";
@@ -86,17 +87,36 @@ export class FeedRepository {
await Promise.all([
this.putConfig(feed.id, toConfigDTO(feed.state())),
this.putMetadata(feed.id, feed.toMetadataSnapshot()),
this.upsertListEntry(toListItemDTO(feed.id, feed.state())),
this.upsertListEntry(
toListItemDTO(
feed.id,
feed.state(),
feed.pendingConfirmation,
feed.hasNativeFeed(),
),
),
this.putInboundIndex(feed.mailboxId, feed.id),
]);
}
/**
* Persist only the email index. Used by the ingest/delete paths where config
* is unchanged avoids a redundant config write on the hot path. The list
* projection (title/description/expiry) is untouched, so it is not rewritten.
* is unchanged avoids a redundant config write on the hot path. Also
* refreshes the `feeds:list` entry's `pendingConfirmation` projection so the
* dashboard reflects the latest flag state with a single subsequent KV read.
*/
async saveMetadata(feed: Feed): Promise<void> {
await this.putMetadata(feed.id, feed.toMetadataSnapshot());
await Promise.all([
this.putMetadata(feed.id, feed.toMetadataSnapshot()),
this.upsertListEntry(
toListItemDTO(
feed.id,
feed.state(),
feed.pendingConfirmation,
feed.hasNativeFeed(),
),
),
]);
}
/**
@@ -107,10 +127,39 @@ export class FeedRepository {
async saveConfig(feed: Feed): Promise<void> {
await Promise.all([
this.putConfig(feed.id, toConfigDTO(feed.state())),
this.upsertListEntry(toListItemDTO(feed.id, feed.state())),
this.upsertListEntry(
toListItemDTO(
feed.id,
feed.state(),
feed.pendingConfirmation,
feed.hasNativeFeed(),
),
),
this.putInboundIndex(feed.mailboxId, feed.id),
]);
}
// ── Inbound mailbox index ─────────────────────────────────────────────────
// Secondary index mapping the friendly inbound address (`noun.noun.NN`) to the
// feed's opaque id. Resolved only at reception (the write edge), so the public
// read id and the inbound address stay decoupled.
/** Resolve an inbound mailbox to its feed id, or null when no feed claims it. */
async resolveInbound(mailboxId: MailboxId): Promise<FeedId | null> {
const feedId = await this.kv.get(feedKeys.inbound(mailboxId.value), {
type: "text",
});
return feedId ? FeedId.unchecked(feedId) : null;
}
async putInboundIndex(mailboxId: MailboxId, feedId: FeedId): Promise<void> {
await this.kv.put(feedKeys.inbound(mailboxId.value), feedId.value);
}
async deleteInboundIndex(mailboxId: MailboxId): Promise<void> {
await this.kv.delete(feedKeys.inbound(mailboxId.value));
}
// ── Feed config ───────────────────────────────────────────────────────────
async getConfig(feedId: FeedId): Promise<FeedConfig | null> {
@@ -209,11 +258,13 @@ export class FeedRepository {
if (toRemove.size === 0) return [];
const removed: string[] = [];
const droppedMailboxes: string[] = [];
const nextFeeds: FeedListItem[] = [];
for (const feed of feedList.feeds) {
if (toRemove.has(feed.id)) {
removed.push(feed.id);
if (feed.mailbox_id) droppedMailboxes.push(feed.mailbox_id);
continue;
}
nextFeeds.push(feed);
@@ -223,6 +274,17 @@ export class FeedRepository {
feedList.feeds = nextFeeds;
await this.kv.put(FEEDS_LIST_KEY, JSON.stringify(feedList));
// Drop each removed feed's inbound index — symmetric with save() writing
// it. The index lives outside the feed:<id>: prefix the key purge sweeps,
// so a deleted feed's address would keep resolving if left behind. The
// mailbox is cached on the list item we just removed.
await Promise.all(
droppedMailboxes.map((mailbox) =>
this.deleteInboundIndex(MailboxId.unchecked(mailbox)),
),
);
return removed;
} catch (error) {
logger.error("Error removing feeds from list", { error: String(error) });
src/infrastructure/forwardemail.ts
+2
View File
@@ -15,6 +15,8 @@ export function ingestResultToResponse(result: IngestResult): Response {
switch (result.reason) {
case "invalid_address":
return new Response("Invalid email address format", { status: 400 });
case "mailbox_unknown":
return new Response("No feed for this address", { status: 404 });
case "feed_not_found":
return new Response("Feed does not exist", { status: 404 });
case "feed_expired":
src/infrastructure/html-processor.test.ts
+76
View File
@@ -3,6 +3,8 @@ import {
processEmailContent,
extractInlineCids,
htmlToText,
extractLinks,
extractFeedLinks,
} from "./html-processor";
import type { AttachmentData } from "../types";
@@ -319,3 +321,77 @@ describe("extractInlineCids", () => {
expect(extractInlineCids("").size).toBe(0);
});
});
describe("extractLinks", () => {
it("collects anchor href + text from HTML", () => {
const links = extractLinks(
'<p>hi <a href="https://x.example/confirm?t=1">Confirm</a> and <a href="https://x.example/home">Home</a></p>',
);
expect(links).toEqual([
{ href: "https://x.example/confirm?t=1", text: "Confirm" },
{ href: "https://x.example/home", text: "Home" },
]);
});
it("falls back to regex URL extraction for plain text", () => {
const links = extractLinks(
"Confirm here: https://x.example/verify/abc thanks",
);
expect(links).toEqual([
{
href: "https://x.example/verify/abc",
text: "https://x.example/verify/abc",
},
]);
});
it("returns an empty array for empty content", () => {
expect(extractLinks("")).toEqual([]);
});
});
describe("extractFeedLinks", () => {
it("extracts rel=alternate links that carry a type", () => {
const html = `<html><head>
<link rel="alternate" type="application/rss+xml" href="https://blog.example.com/feed.xml">
<link rel="alternate" type="application/atom+xml" href="https://blog.example.com/atom.xml">
</head><body>hi</body></html>`;
expect(extractFeedLinks(html)).toEqual([
{
href: "https://blog.example.com/feed.xml",
type: "application/rss+xml",
},
{
href: "https://blog.example.com/atom.xml",
type: "application/atom+xml",
},
]);
});
it("ignores non-alternate rels and links without a type", () => {
const html = `<head>
<link rel="stylesheet" type="text/css" href="https://x.com/a.css">
<link rel="alternate" href="https://x.com/notype">
</head>`;
expect(extractFeedLinks(html)).toEqual([]);
});
it("absolutizes a relative href against the base", () => {
const html = `<head><link rel="alternate" type="application/rss+xml" href="/feed.xml"></head>`;
expect(extractFeedLinks(html, "https://blog.example.com")).toEqual([
{
href: "https://blog.example.com/feed.xml",
type: "application/rss+xml",
},
]);
});
it("drops a relative href when no base is given", () => {
const html = `<head><link rel="alternate" type="application/rss+xml" href="/feed.xml"></head>`;
expect(extractFeedLinks(html)).toEqual([]);
});
it("returns [] for plain-text bodies", () => {
expect(extractFeedLinks("just text https://x.com/feed")).toEqual([]);
});
});
src/infrastructure/html-processor.ts
+57
View File
@@ -41,6 +41,63 @@ export function htmlToText(value: string): string {
.trim();
}
// Collect the links from an email body for confirmation detection: anchor href +
// visible text from HTML, or a regex URL sweep for plain-text bodies. Infra owns
// the DOM parse; the domain detector receives plain tuples.
export function extractLinks(
content: string,
): { href: string; text: string }[] {
if (!content) return [];
if (isPlainText(content)) {
const urls = content.match(/https?:\/\/[^\s<>"')]+/gi) ?? [];
return urls.map((url) => ({ href: url, text: url }));
}
const { document } = parseHTML(content);
const links: { href: string; text: string }[] = [];
document.querySelectorAll("a[href]").forEach((el: Element) => {
const href = (el.getAttribute("href") ?? "").trim();
if (!href) return;
links.push({
href,
text: ((el as unknown as { textContent?: string }).textContent ?? "")
.replace(/\s+/g, " ")
.trim(),
});
});
return links;
}
// Collect a newsletter's self-advertised feed declarations from
// <link rel="alternate" type="…"> tags. Returns raw href+type tuples; the
// domain decides which MIME types count as a feed. Relative hrefs are
// absolutized against the sender base (best-effort); only http(s) URLs survive.
// Plain-text bodies have no <link> → [].
export function extractFeedLinks(
content: string,
base = "",
): { href: string; type: string }[] {
if (!content || isPlainText(content)) return [];
const { document } = parseHTML(content);
const links: { href: string; type: string }[] = [];
document
.querySelectorAll('link[rel~="alternate"][type]')
.forEach((el: Element) => {
const type = (el.getAttribute("type") ?? "").trim();
const rawHref = (el.getAttribute("href") ?? "").trim();
if (!type || !rawHref) return;
// toAbsolute() skips already-absolute hrefs (returns null), so keep those as-is.
const href = /^https?:\/\//i.test(rawHref)
? rawHref
: (toAbsolute(rawHref, base) ?? "");
if (!/^https?:\/\//i.test(href)) return;
links.push({ href, type });
});
return links;
}
// Newsletters frequently defer images via data-src/loading="lazy"; readers don't
// run the lazy-loader, so the image renders blank. Promote the real source.
function promoteLazyImages(document: ParsedDocument): void {
src/infrastructure/http-cache.ts
+68
View File
@@ -0,0 +1,68 @@
import { FeedConfig, EmailData } from "../types";
export interface FeedValidators {
etag: string;
lastModified: string;
maxReceivedAt: number;
}
/**
* Compute HTTP cache validators (ETag + Last-Modified) for a feed.
* The ETag is derived from the feed format prefix, feedId, email count, and max
* receivedAt, making it a strong deterministic validator that changes whenever
* the feed content changes.
*/
export function computeFeedValidators(
format: "rss" | "atom",
feedId: string,
feedConfig: FeedConfig,
emails: EmailData[],
): FeedValidators {
const maxReceivedAt =
emails.length > 0
? Math.max(...emails.map((e) => e.receivedAt))
: (feedConfig.created_at ?? 0);
const hash = `${format}-${feedId}-${emails.length}-${maxReceivedAt}`;
const etag = `"${hash}"`;
const lastModified = new Date(maxReceivedAt).toUTCString();
return { etag, lastModified, maxReceivedAt };
}
/**
* Returns true if the request carries a matching conditional GET header,
* meaning a 304 Not Modified response is appropriate.
*/
export function isNotModified(
req: Request,
validators: FeedValidators,
): boolean {
const ifNoneMatch = req.headers.get("If-None-Match");
if (ifNoneMatch !== null) {
return ifNoneMatch === validators.etag;
}
const ifModifiedSince = req.headers.get("If-Modified-Since");
if (ifModifiedSince !== null) {
const clientTime = new Date(ifModifiedSince).getTime();
return !isNaN(clientTime) && clientTime >= validators.maxReceivedAt;
}
return false;
}
/**
* Build a 304 Not Modified response with the standard cache validator headers.
*/
export function notModifiedResponse(validators: FeedValidators): Response {
return new Response(null, {
status: 304,
headers: {
ETag: validators.etag,
"Last-Modified": validators.lastModified,
"Cache-Control": "max-age=1800",
"X-Robots-Tag": "noindex",
},
});
}
src/infrastructure/urls.test.ts
+58
View File
@@ -0,0 +1,58 @@
import { describe, it, expect } from "vitest";
import {
feedRssUrl,
feedAtomUrl,
feedJsonUrl,
feedFormatUrl,
feedValidatorUrl,
} from "./urls";
import { Env } from "../types";
const env = { DOMAIN: "getmynews.app" } as Env;
const feedId = "gAf6wiKyanpppcKX9o3B_Q";
describe("feed URL builders", () => {
it("builds RSS/Atom/JSON feed URLs", () => {
expect(feedRssUrl(feedId, env)).toBe(
"https://getmynews.app/rss/gAf6wiKyanpppcKX9o3B_Q",
);
expect(feedAtomUrl(feedId, env)).toBe(
"https://getmynews.app/atom/gAf6wiKyanpppcKX9o3B_Q",
);
expect(feedJsonUrl(feedId, env)).toBe(
"https://getmynews.app/json/gAf6wiKyanpppcKX9o3B_Q",
);
});
it("resolves a format to its feed URL", () => {
expect(feedFormatUrl("rss", feedId, env)).toBe(feedRssUrl(feedId, env));
expect(feedFormatUrl("atom", feedId, env)).toBe(feedAtomUrl(feedId, env));
expect(feedFormatUrl("json", feedId, env)).toBe(feedJsonUrl(feedId, env));
});
});
describe("feedValidatorUrl", () => {
it("points JSON feeds at validator.jsonfeed.org with the encoded feed URL", () => {
expect(feedValidatorUrl("json", feedId, env)).toBe(
"https://validator.jsonfeed.org/?url=" +
encodeURIComponent(feedJsonUrl(feedId, env)),
);
});
it("points RSS and Atom feeds at the W3C feed validator", () => {
expect(feedValidatorUrl("rss", feedId, env)).toBe(
"https://validator.w3.org/feed/check.cgi?url=" +
encodeURIComponent(feedRssUrl(feedId, env)),
);
expect(feedValidatorUrl("atom", feedId, env)).toBe(
"https://validator.w3.org/feed/check.cgi?url=" +
encodeURIComponent(feedAtomUrl(feedId, env)),
);
});
it("percent-encodes the feed URL so the validator query is well-formed", () => {
const url = feedValidatorUrl("json", feedId, env);
expect(url).toContain("https%3A%2F%2Fgetmynews.app%2Fjson%2F");
expect(url).not.toContain("?url=https://");
});
});
src/infrastructure/urls.ts
+44 -2
View File
@@ -1,4 +1,5 @@
import { Env } from "../types";
import { MailboxId } from "../domain/value-objects/mailbox-id";
export function baseUrl(env: Env): string {
return `https://${env.DOMAIN}`;
@@ -12,6 +13,16 @@ export function feedAtomUrl(feedId: string, env: Env): string {
return `${baseUrl(env)}/atom/${feedId}`;
}
export function feedJsonUrl(feedId: string, env: Env): string {
return `${baseUrl(env)}/json/${feedId}`;
}
/** Path of an email's public HTML view. The single source of truth for the
* `/entries/:feedId/:entryId` route shape (entryId = the email's receivedAt). */
export function entryPath(feedId: string, receivedAt: number): string {
return `/entries/${feedId}/${receivedAt}`;
}
export function feedUrl(
format: "rss" | "atom",
feedId: string,
@@ -20,8 +31,39 @@ export function feedUrl(
return format === "rss" ? feedRssUrl(feedId, env) : feedAtomUrl(feedId, env);
}
export function feedEmailAddress(feedId: string, env: Env): string {
return `${feedId}@${env.EMAIL_DOMAIN ?? env.DOMAIN}`;
export type FeedFormat = "rss" | "atom" | "json";
export function feedFormatUrl(
format: FeedFormat,
feedId: string,
env: Env,
): string {
if (format === "atom") return feedAtomUrl(feedId, env);
if (format === "json") return feedJsonUrl(feedId, env);
return feedRssUrl(feedId, env);
}
/**
* Link to a third-party validator for the public feed URL: the W3C Feed
* Validator for RSS/Atom, validator.jsonfeed.org for JSON Feed. Used in the
* admin UI so an operator can confirm a feed parses in real readers.
*/
export function feedValidatorUrl(
format: FeedFormat,
feedId: string,
env: Env,
): string {
const encoded = encodeURIComponent(feedFormatUrl(format, feedId, env));
return format === "json"
? `https://validator.jsonfeed.org/?url=${encoded}`
: `https://validator.w3.org/feed/check.cgi?url=${encoded}`;
}
export function feedEmailAddress(mailboxId: string, env: Env): string {
// The mailbox→address shape lives on the VO; this edge only resolves the domain.
return MailboxId.unchecked(mailboxId).emailAddress(
env.EMAIL_DOMAIN ?? env.DOMAIN,
);
}
export function feedTopicPattern(env: Env): RegExp {
src/infrastructure/websub.ts
+1
View File
@@ -60,6 +60,7 @@ async function buildFeedXml(
title: `Newsletter Feed ${feedId.value}`,
description: "Converted email newsletter",
language: "en",
mailbox_id: "",
created_at: Date.now(),
};
src/routes/admin.test.ts
+637 -2
View File
@@ -5,6 +5,10 @@ import app from "./admin";
import { createMockEnv, server } from "../test/setup";
import { getCounters } from "../application/stats";
import { Env } from "../types";
import { FeedRepository } from "../infrastructure/feed-repository";
import { Feed } from "../domain/feed.aggregate";
import { FeedId } from "../domain/value-objects/feed-id";
import { MailboxId } from "../domain/value-objects/mailbox-id";
describe("Admin Routes", () => {
let testApp: Hono;
@@ -147,8 +151,10 @@ describe("Admin Routes", () => {
body: formData,
});
expect(res.status).toBe(302); // Redirects back to dashboard
expect(res.headers.get("Location")).toBe("/admin?view=list#your-feeds");
expect(res.status).toBe(302); // Redirects to new feed's emails page
expect(res.headers.get("Location")).toMatch(
/^\/admin\/feeds\/.+\/emails$/,
);
// Verify feed was created in KV
const feedList = (await mockEnv.EMAIL_STORAGE.get(
@@ -168,6 +174,34 @@ describe("Admin Routes", () => {
expect(feedConfig).toBeTruthy();
expect((feedConfig as any).title).toBe("Test Feed");
expect((feedConfig as any).description).toBe("Test Description");
// Two-id model: the feed id is an opaque read id; the inbound address is
// a separate noun.noun.NN mailbox, mapped via the inbound: index.
const mailboxId = (feedConfig as any).mailbox_id as string;
expect(mailboxId).toMatch(/^[a-z]+\.[a-z]+\.\d{2}$/);
expect(feedId).toMatch(/^[A-Za-z0-9_-]{22}$/);
expect(feedId).not.toBe(mailboxId);
expect((feedList?.feeds[0] as any).mailbox_id).toBe(mailboxId);
expect(
await mockEnv.EMAIL_STORAGE.get(`inbound:${mailboxId}`, "text"),
).toBe(feedId);
// The dashboard shows the inbound address and the opaque feed URL,
// distinctly — and never exposes the address as a readable feed URL.
const dash = await request("/admin", {
headers: { Cookie: authCookie },
});
const html = await dash.text();
expect(html).toContain(`${mailboxId}@test.getmynews.app`);
expect(html).toContain(`/rss/${feedId}`);
expect(html).not.toContain(`/rss/${mailboxId}`);
// The feed-formats block surfaces all three formats (incl. JSON Feed)
// plus per-format validator links.
expect(html).toContain(`/atom/${feedId}`);
expect(html).toContain(`/json/${feedId}`);
expect(html).toContain("validator.jsonfeed.org");
expect(html).toContain("validator.w3.org/feed");
});
it("should reject feed creation with missing title", async () => {
@@ -732,6 +766,15 @@ describe("Admin Routes", () => {
it("lists attachments with download links on the email detail page", async () => {
const authCookie = await loginAndGetCookie();
const feedId = "detail-feed";
await mockEnv.EMAIL_STORAGE.put(
`feed:${feedId}:config`,
JSON.stringify({
title: "Detail Feed",
mailbox_id: "detail.feed.10",
language: "en",
created_at: 1,
}),
);
const emailKey = `feed:${feedId}:1`;
await mockEnv.EMAIL_STORAGE.put(
emailKey,
@@ -769,6 +812,15 @@ describe("Admin Routes", () => {
it("renders inline cid images in place and hides them from the attachments list", async () => {
const authCookie = await loginAndGetCookie();
const feedId = "detail-feed";
await mockEnv.EMAIL_STORAGE.put(
`feed:${feedId}:config`,
JSON.stringify({
title: "Detail Feed",
mailbox_id: "detail.feed.10",
language: "en",
created_at: 1,
}),
);
const emailKey = `feed:${feedId}:3`;
await mockEnv.EMAIL_STORAGE.put(
emailKey,
@@ -814,6 +866,15 @@ describe("Admin Routes", () => {
it("does not render an attachments section when the email has none", async () => {
const authCookie = await loginAndGetCookie();
const feedId = "detail-feed";
await mockEnv.EMAIL_STORAGE.put(
`feed:${feedId}:config`,
JSON.stringify({
title: "Detail Feed",
mailbox_id: "detail.feed.10",
language: "en",
created_at: 1,
}),
);
const emailKey = `feed:${feedId}:2`;
await mockEnv.EMAIL_STORAGE.put(
emailKey,
@@ -835,6 +896,39 @@ describe("Admin Routes", () => {
expect(body).not.toContain("Attachments");
});
it("links to the public entry page using the feed id and receivedAt", async () => {
const authCookie = await loginAndGetCookie();
const feedId = "detail-feed";
await mockEnv.EMAIL_STORAGE.put(
`feed:${feedId}:config`,
JSON.stringify({
title: "Detail Feed",
mailbox_id: "detail.feed.10",
language: "en",
created_at: 1,
}),
);
const emailKey = `feed:${feedId}:2`;
await mockEnv.EMAIL_STORAGE.put(
emailKey,
JSON.stringify({
subject: "Linkable",
from: "sender@example.com",
content: "<p>hello</p>",
receivedAt: 2,
headers: {},
}),
);
const res = await request(`/admin/emails/${emailKey}`, {
headers: { Cookie: authCookie },
});
expect(res.status).toBe(200);
const body = await res.text();
expect(body).toContain(`href="/entries/${feedId}/2"`);
});
it("form-based bulk-delete also removes R2 attachments", async () => {
const r2Env = createMockEnv({ withR2: true }) as unknown as Env;
const bucket = r2Env.ATTACHMENT_BUCKET as unknown as {
@@ -1038,4 +1132,545 @@ describe("Admin Routes", () => {
expect(cfg.allowed_senders).toContain("alice@example.com");
});
});
describe("Confirmation features", () => {
it("detail view shows confirmation-section with links when email has confirmation metadata", async () => {
const authCookie = await loginAndGetCookie();
const repo = FeedRepository.from(mockEnv as unknown as Env);
// Create feed aggregate
const feedId = FeedId.generate();
const mailboxId = MailboxId.unchecked("confirm.test.01");
const feed = Feed.create(
feedId,
{
title: "Confirm Test Feed",
language: "en",
allowedSenders: [],
blockedSenders: [],
},
{ mailboxId },
);
await repo.save(feed);
// Mint an email key and put the email body
const emailKey = repo.newEmailKey(feedId);
await repo.putEmail(emailKey, {
subject: "Please confirm your subscription",
from: "newsletter@example.com",
content: "<p>Click to confirm</p>",
receivedAt: Date.now(),
headers: {},
});
// Ingest the email into the aggregate with confirmation links
feed.ingest(
{
key: emailKey,
subject: "Please confirm your subscription",
receivedAt: Date.now(),
confirmation: { links: ["https://example.com/confirm?t=1"] },
},
{ maxBytes: 10_000_000 },
);
await repo.saveMetadata(feed);
const res = await request(`/admin/emails/${emailKey}`, {
headers: { Cookie: authCookie },
});
expect(res.status).toBe(200);
const body = await res.text();
expect(body).toContain("confirmation-section");
expect(body).toContain("https://example.com/confirm?t=1");
});
it("email list shows confirmation-badge for emails with confirmation metadata", async () => {
const authCookie = await loginAndGetCookie();
const repo = FeedRepository.from(mockEnv as unknown as Env);
// Create feed aggregate
const feedId = FeedId.generate();
const mailboxId = MailboxId.unchecked("confirm.badge.02");
const feed = Feed.create(
feedId,
{
title: "Confirm Badge Feed",
language: "en",
allowedSenders: [],
blockedSenders: [],
},
{ mailboxId },
);
await repo.save(feed);
const emailKey = repo.newEmailKey(feedId);
await repo.putEmail(emailKey, {
subject: "Confirm subscription",
from: "newsletter@example.com",
content: "<p>Click to confirm</p>",
receivedAt: Date.now(),
headers: {},
});
feed.ingest(
{
key: emailKey,
subject: "Confirm subscription",
receivedAt: Date.now(),
confirmation: { links: ["https://example.com/confirm?t=1"] },
},
{ maxBytes: 10_000_000 },
);
await repo.saveMetadata(feed);
const res = await request(`/admin/feeds/${feedId.value}/emails`, {
headers: { Cookie: authCookie },
});
expect(res.status).toBe(200);
const body = await res.text();
expect(body).toContain("confirmation-badge");
});
it("dismiss route clears pendingConfirmation flag", async () => {
const authCookie = await loginAndGetCookie();
const repo = FeedRepository.from(mockEnv as unknown as Env);
// Create feed aggregate with a confirmation email
const feedId = FeedId.generate();
const mailboxId = MailboxId.unchecked("confirm.dismiss.03");
const feed = Feed.create(
feedId,
{
title: "Dismiss Test Feed",
language: "en",
allowedSenders: [],
blockedSenders: [],
},
{ mailboxId },
);
await repo.save(feed);
const emailKey = repo.newEmailKey(feedId);
await repo.putEmail(emailKey, {
subject: "Confirm subscription",
from: "newsletter@example.com",
content: "<p>Click to confirm</p>",
receivedAt: Date.now(),
headers: {},
});
feed.ingest(
{
key: emailKey,
subject: "Confirm subscription",
receivedAt: Date.now(),
confirmation: { links: ["https://example.com/confirm?t=2"] },
},
{ maxBytes: 10_000_000 },
);
await repo.saveMetadata(feed);
// Verify flag is set
expect(feed.pendingConfirmation).toBe(true);
// Call dismiss route
const dismissRes = await request(
`/admin/feeds/${feedId.value}/confirmation/dismiss`,
{
method: "POST",
headers: {
Cookie: authCookie,
"Content-Type": "application/json",
Origin: `https://${mockEnv.DOMAIN}`,
},
},
);
expect(dismissRes.status).toBe(200);
const payload = (await dismissRes.json()) as any;
expect(payload.ok).toBe(true);
// Reload feed from repo and check flag is cleared
const reloaded = await repo.load(feedId);
expect(reloaded).not.toBeNull();
expect(reloaded!.pendingConfirmation).toBe(false);
});
it("dashboard list view shows pill-confirmation for feeds with pendingConfirmation", async () => {
const authCookie = await loginAndGetCookie();
const repo = FeedRepository.from(mockEnv as unknown as Env);
// Create feed aggregate with a confirmation email
const feedId = FeedId.generate();
const mailboxId = MailboxId.unchecked("confirm.dash.04");
const feed = Feed.create(
feedId,
{
title: "Dashboard Confirm Feed",
language: "en",
allowedSenders: [],
blockedSenders: [],
},
{ mailboxId },
);
await repo.save(feed);
const emailKey = repo.newEmailKey(feedId);
await repo.putEmail(emailKey, {
subject: "Confirm your subscription",
from: "newsletter@example.com",
content: "<p>Click to confirm</p>",
receivedAt: Date.now(),
headers: {},
});
feed.ingest(
{
key: emailKey,
subject: "Confirm your subscription",
receivedAt: Date.now(),
confirmation: { links: ["https://x/confirm"] },
},
{ maxBytes: 1_000_000 },
);
await repo.saveMetadata(feed);
const res = await request("/admin?view=list", {
headers: { Cookie: authCookie },
});
expect(res.status).toBe(200);
const body = await res.text();
expect(body).toContain("pill-confirmation");
});
it("dashboard table view shows pill-confirmation for feeds with pendingConfirmation", async () => {
const authCookie = await loginAndGetCookie();
const repo = FeedRepository.from(mockEnv as unknown as Env);
// Create feed aggregate with a confirmation email — same seeding as list view test
const feedId = FeedId.generate();
const mailboxId = MailboxId.unchecked("confirm.table.05");
const feed = Feed.create(
feedId,
{
title: "Dashboard Confirm Feed Table",
language: "en",
allowedSenders: [],
blockedSenders: [],
},
{ mailboxId },
);
await repo.save(feed);
const emailKey = repo.newEmailKey(feedId);
await repo.putEmail(emailKey, {
subject: "Confirm your subscription",
from: "newsletter@example.com",
content: "<p>Click to confirm</p>",
receivedAt: Date.now(),
headers: {},
});
feed.ingest(
{
key: emailKey,
subject: "Confirm your subscription",
receivedAt: Date.now(),
confirmation: { links: ["https://x/confirm"] },
},
{ maxBytes: 1_000_000 },
);
await repo.saveMetadata(feed);
const res = await request("/admin?view=table", {
headers: { Cookie: authCookie },
});
expect(res.status).toBe(200);
const body = await res.text();
expect(body).toContain("pill-confirmation");
});
it("feed emails page shows confirmation-banner when pendingConfirmation is true", async () => {
const authCookie = await loginAndGetCookie();
const repo = FeedRepository.from(mockEnv as unknown as Env);
// Seed a feed with a confirmation email so pendingConfirmation is raised
const feedId = FeedId.generate();
const mailboxId = MailboxId.unchecked("confirm.emails.06");
const feed = Feed.create(
feedId,
{
title: "Emails Page Confirm Feed",
language: "en",
allowedSenders: [],
blockedSenders: [],
},
{ mailboxId },
);
await repo.save(feed);
const emailKey = repo.newEmailKey(feedId);
await repo.putEmail(emailKey, {
subject: "Confirm subscription",
from: "newsletter@example.com",
content: "<p>Click to confirm</p>",
receivedAt: Date.now(),
headers: {},
});
feed.ingest(
{
key: emailKey,
subject: "Confirm subscription",
receivedAt: Date.now(),
confirmation: { links: ["https://example.com/confirm?t=6"] },
},
{ maxBytes: 10_000_000 },
);
await repo.saveMetadata(feed);
const res = await request(`/admin/feeds/${feedId.value}/emails`, {
headers: { Cookie: authCookie },
});
expect(res.status).toBe(200);
const body = await res.text();
expect(body).toContain("confirmation-banner");
expect(body).toContain("confirmation-dismiss");
});
it("feed emails page reuses the dashboard Subscribe chips design", async () => {
const authCookie = await loginAndGetCookie();
const repo = FeedRepository.from(mockEnv as unknown as Env);
const feedId = FeedId.generate();
const mailboxId = MailboxId.unchecked("subscribe.chips.07");
const feed = Feed.create(
feedId,
{
title: "Chips Detail Feed",
language: "en",
allowedSenders: [],
blockedSenders: [],
},
{ mailboxId },
);
await repo.save(feed);
const res = await request(`/admin/feeds/${feedId.value}/emails`, {
headers: { Cookie: authCookie },
});
expect(res.status).toBe(200);
const body = await res.text();
// The Subscribe chips block surfaces all three formats with copy/open/validate.
expect(body).toContain("feed-formats-chips");
expect(body).toContain(`/rss/${feedId.value}`);
expect(body).toContain(`/atom/${feedId.value}`);
expect(body).toContain(`/json/${feedId.value}`);
expect(body).toContain(`${mailboxId.value}@test.getmynews.app`);
// The old W3C validator-image block is gone.
expect(body).not.toContain("validator.w3.org/feed/images");
});
});
describe("Sender-in-title toggle", () => {
it("edit form renders the checkbox, unchecked by default", async () => {
const authCookie = await loginAndGetCookie();
const repo = FeedRepository.from(mockEnv as unknown as Env);
const feedId = FeedId.generate();
const feed = Feed.create(
feedId,
{
title: "Title Toggle Feed",
language: "en",
allowedSenders: [],
blockedSenders: [],
},
{ mailboxId: MailboxId.unchecked("title.toggle.01") },
);
await repo.save(feed);
const res = await request(`/admin/feeds/${feedId.value}/edit`, {
headers: { Cookie: authCookie },
});
expect(res.status).toBe(200);
const body = await res.text();
expect(body).toContain('name="sender_in_title"');
expect(body).toContain("Show sender in entry titles");
expect(body).not.toContain("checked");
});
it("persists the toggle through edit and reflects it back as checked", async () => {
const authCookie = await loginAndGetCookie();
const repo = FeedRepository.from(mockEnv as unknown as Env);
const feedId = FeedId.generate();
const feed = Feed.create(
feedId,
{
title: "Title Toggle Feed",
language: "en",
allowedSenders: [],
blockedSenders: [],
},
{ mailboxId: MailboxId.unchecked("title.toggle.02") },
);
await repo.save(feed);
const form = new FormData();
form.append("title", "Title Toggle Feed");
form.append("sender_in_title", "true");
const post = await request(`/admin/feeds/${feedId.value}/edit`, {
method: "POST",
headers: {
Cookie: authCookie,
Origin: "https://test.getmynews.app",
},
body: form,
});
expect(post.status).toBe(302);
const cfg = await repo.getConfig(feedId);
expect(cfg?.sender_in_title).toBe(true);
const editPage = await request(`/admin/feeds/${feedId.value}/edit`, {
headers: { Cookie: authCookie },
});
expect(await editPage.text()).toContain("checked");
});
it("dashboard shows pill-native for feeds with hasNativeFeed", async () => {
const authCookie = await loginAndGetCookie();
const repo = FeedRepository.from(mockEnv as unknown as Env);
const feedId = FeedId.generate();
const mailboxId = MailboxId.unchecked("native.pill.08");
const feed = Feed.create(
feedId,
{
title: "N",
language: "en",
allowedSenders: [],
blockedSenders: [],
},
{ mailboxId },
);
feed.ingest(
{ key: "k1", subject: "s", receivedAt: 1, size: 10 },
{
maxBytes: 1e9,
nativeFeeds: {
senderKey: "a@x.com",
feeds: [{ url: "https://x.com/rss", type: "rss" }],
},
},
);
await repo.save(feed);
const res = await request("/admin", { headers: { Cookie: authCookie } });
const body = await res.text();
expect(body).toContain("pill-native");
});
it("clears the toggle when the checkbox is omitted (unchecked)", async () => {
const authCookie = await loginAndGetCookie();
const repo = FeedRepository.from(mockEnv as unknown as Env);
const feedId = FeedId.generate();
const feed = Feed.create(
feedId,
{
title: "Title Toggle Feed",
language: "en",
senderInTitle: true,
allowedSenders: [],
blockedSenders: [],
},
{ mailboxId: MailboxId.unchecked("title.toggle.03") },
);
await repo.save(feed);
const form = new FormData();
form.append("title", "Title Toggle Feed");
// No sender_in_title field ⇒ unchecked.
const post = await request(`/admin/feeds/${feedId.value}/edit`, {
method: "POST",
headers: {
Cookie: authCookie,
Origin: "https://test.getmynews.app",
},
body: form,
});
expect(post.status).toBe(302);
const cfg = await repo.getConfig(feedId);
expect(cfg?.sender_in_title).toBe(false);
});
it("feed detail shows a native-feeds group when a native feed was detected", async () => {
const authCookie = await loginAndGetCookie();
const repo = FeedRepository.from(mockEnv as unknown as Env);
const feedId = FeedId.generate();
const mailboxId = MailboxId.unchecked("native.detail.07");
const feed = Feed.create(
feedId,
{ title: "N", language: "en", allowedSenders: [], blockedSenders: [] },
{ mailboxId },
);
feed.ingest(
{ key: "k1", subject: "s", receivedAt: 1, size: 10 },
{
maxBytes: 1e9,
nativeFeeds: {
senderKey: "a@x.com",
feeds: [{ url: "https://blog.example.com/feed.xml", type: "rss" }],
},
},
);
await repo.save(feed);
const res = await request(`/admin/feeds/${feedId.value}/emails`, {
headers: { Cookie: authCookie },
});
const body = await res.text();
expect(body).toContain("native-feeds");
expect(body).toContain("https://blog.example.com/feed.xml");
});
it("native-feed dismiss route clears the flag", async () => {
const authCookie = await loginAndGetCookie();
const repo = FeedRepository.from(mockEnv as unknown as Env);
const feedId = FeedId.generate();
const mailboxId = MailboxId.unchecked("native.dismiss.09");
const feed = Feed.create(
feedId,
{ title: "N", language: "en", allowedSenders: [], blockedSenders: [] },
{ mailboxId },
);
feed.ingest(
{ key: "k1", subject: "s", receivedAt: 1, size: 10 },
{
maxBytes: 1e9,
nativeFeeds: {
senderKey: "a@x.com",
feeds: [{ url: "https://x.com/rss", type: "rss" }],
},
},
);
await repo.save(feed);
const res = await request(
`/admin/feeds/${feedId.value}/native-feed/dismiss`,
{
method: "POST",
headers: {
Cookie: authCookie,
"Content-Type": "application/json",
Origin: `https://${mockEnv.DOMAIN}`,
},
},
);
expect(res.status).toBe(200);
const reloaded = await repo.load(feedId);
expect(reloaded!.hasNativeFeed()).toBe(false);
expect(reloaded!.nativeFeeds()).toHaveLength(1); // URLs preserved
});
});
});
src/routes/admin.tsx
+46 -155
View File
@@ -7,17 +7,21 @@ import { csrf } from "hono/csrf";
import { ADMIN_COOKIE_MAX_AGE } from "../config/constants";
import { logger } from "../infrastructure/logger";
import { timingSafeEqual, checkProxyAuth } from "../infrastructure/auth";
import { Layout, clampText } from "./admin/ui";
import {
Layout,
clampText,
CopyIcon,
CheckIcon,
FeedFormats,
ExpiryBadge,
} from "./admin/ui";
import { FeedRepository } from "../infrastructure/feed-repository";
import { FeedId } from "../domain/value-objects/feed-id";
import { editFeedDetails } from "../application/feed-service";
import {
feedRssUrl,
feedAtomUrl,
feedEmailAddress,
} from "../infrastructure/urls";
import { feedEmailAddress } from "../infrastructure/urls";
import { feedsRouter } from "./admin/feeds";
import { emailsRouter } from "./admin/emails";
import { handleOpml } from "./opml";
import { dashboardScript } from "../scripts/generated/dashboard";
type AppEnv = { Bindings: Env };
@@ -200,41 +204,6 @@ app.get("/logout", (c) => {
// dashboardScript is compiled from src/scripts/client/dashboard.ts via `npm run build:client`.
// It is imported from src/scripts/generated/dashboard.ts above.
// ── Shared SVG icons ──────────────────────────────────────────────────────────
const CopyIcon = () => (
<svg
class="copy-icon copy-icon-original"
width="16"
height="16"
viewBox="0 0 24 24"
fill="none"
stroke="currentColor"
stroke-width="2"
stroke-linecap="round"
stroke-linejoin="round"
>
<rect x="9" y="9" width="13" height="13" rx="2" ry="2"></rect>
<path d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"></path>
</svg>
);
const CheckIcon = () => (
<svg
class="copy-icon copy-icon-success"
width="16"
height="16"
viewBox="0 0 24 24"
fill="none"
stroke="currentColor"
stroke-width="2"
stroke-linecap="round"
stroke-linejoin="round"
>
<path d="M20 6L9 17l-5-5"></path>
</svg>
);
type CopyFieldInlineProps = {
value: string;
emailAddress?: string;
@@ -254,34 +223,17 @@ const CopyFieldInline = ({ value }: CopyFieldInlineProps) => (
</div>
);
function formatExpiry(expiresAt: number): { label: string; expired: boolean } {
const remaining = expiresAt - Date.now();
if (remaining <= 0) {
const h = Math.floor(-remaining / 3_600_000);
return {
label: h > 0 ? `Expired ${h}h ago` : "Just expired",
expired: true,
};
}
const h = Math.floor(remaining / 3_600_000);
if (h >= 48) {
return { label: `Expires in ${Math.floor(h / 24)}d`, expired: false };
}
const m = Math.floor((remaining % 3_600_000) / 60_000);
return {
label: h > 0 ? `Expires in ${h}h ${m}m` : `Expires in ${m}m`,
expired: false,
};
}
const ConfirmationPill = ({ feedId }: { feedId: string }) => (
<a class="pill pill-confirmation" href={`/admin/feeds/${feedId}/emails`}>
Confirmation pending
</a>
);
const ExpiryBadge = ({ expiresAt }: { expiresAt: number }) => {
const { label, expired } = formatExpiry(expiresAt);
return (
<span class={`pill ${expired ? "pill-expired" : "pill-expiry"}`}>
{label}
</span>
);
};
const NativeFeedPill = ({ feedId }: { feedId: string }) => (
<a class="pill pill-native" href={`/admin/feeds/${feedId}/emails`}>
Native feed available
</a>
);
// Admin dashboard route
app.get("/", async (c) => {
@@ -521,8 +473,7 @@ app.get("/", async (c) => {
<col data-col="title" style="width: 280px;" />
<col data-col="feedId" style="width: 150px;" />
<col data-col="email" style="width: 200px;" />
<col data-col="rss" style="width: 190px;" />
<col data-col="atom" style="width: 190px;" />
<col data-col="formats" style="width: 230px;" />
<col data-col="expires" style="width: 130px;" />
<col data-col="actions" style="width: 170px;" />
</colgroup>
@@ -601,47 +552,11 @@ app.get("/", async (c) => {
title="Resize"
></div>
</th>
<th
class="th-resizable"
data-sort-key="rss"
aria-sort="none"
>
<button
type="button"
class="th-button"
data-sort-key="rss"
>
RSS
<span
class="sort-indicator"
aria-hidden="true"
></span>
</button>
<th class="th-resizable">
<span>Formats</span>
<div
class="col-resizer"
data-col="rss"
title="Resize"
></div>
</th>
<th
class="th-resizable"
data-sort-key="atom"
aria-sort="none"
>
<button
type="button"
class="th-button"
data-sort-key="atom"
>
Atom
<span
class="sort-indicator"
aria-hidden="true"
></span>
</button>
<div
class="col-resizer"
data-col="atom"
data-col="formats"
title="Resize"
></div>
</th>
@@ -665,16 +580,15 @@ app.get("/", async (c) => {
</thead>
<tbody id="feed-table-body">
{feedsWithConfig.map((feed) => {
const emailAddress = feedEmailAddress(feed.id, env);
const rssUrl = feedRssUrl(feed.id, env);
const atomUrl = feedAtomUrl(feed.id, env);
const emailAddress = feedEmailAddress(
feed.mailbox_id,
env,
);
const titleDisplay = clampText(feed.title, 160);
const titleHover = clampText(feed.title, 1000);
const sortTitle = titleHover.toLowerCase();
const sortFeedId = feed.id.toLowerCase();
const sortEmail = emailAddress.toLowerCase();
const sortRss = rssUrl.toLowerCase();
const sortAtom = atomUrl.toLowerCase();
const descDisplay = clampText(
feed.description || "",
220,
@@ -694,8 +608,6 @@ app.get("/", async (c) => {
data-sort-title={sortTitle}
data-sort-feed-id={sortFeedId}
data-sort-email={sortEmail}
data-sort-rss={sortRss}
data-sort-atom={sortAtom}
>
<td>
<input
@@ -730,6 +642,12 @@ app.get("/", async (c) => {
</div>
)}
</div>
{feed.pendingConfirmation && (
<ConfirmationPill feedId={feed.id} />
)}
{feed.hasNativeFeed && (
<NativeFeedPill feedId={feed.id} />
)}
</div>
</td>
<td>
@@ -739,10 +657,7 @@ app.get("/", async (c) => {
<CopyFieldInline value={emailAddress} />
</td>
<td>
<CopyFieldInline value={rssUrl} />
</td>
<td>
<CopyFieldInline value={atomUrl} />
<FeedFormats feedId={feed.id} env={env} compact />
</td>
<td>
{feed.expires_at ? (
@@ -822,9 +737,7 @@ app.get("/", async (c) => {
<ul class="feed-list">
{feedsWithConfig.map((feed) => {
const emailAddress = feedEmailAddress(feed.id, env);
const rssUrl = feedRssUrl(feed.id, env);
const atomUrl = feedAtomUrl(feed.id, env);
const emailAddress = feedEmailAddress(feed.mailbox_id, env);
const titleDisplay = clampText(feed.title, 140);
const titleHover = clampText(feed.title, 1000);
const descDisplay = clampText(feed.description || "", 240);
@@ -856,6 +769,12 @@ app.get("/", async (c) => {
{feed.expires_at && (
<ExpiryBadge expiresAt={feed.expires_at} />
)}
{feed.pendingConfirmation && (
<ConfirmationPill feedId={feed.id} />
)}
{feed.hasNativeFeed && (
<NativeFeedPill feedId={feed.id} />
)}
{feed.description && (
<p class="feed-description">
<span title={descHover}>{descDisplay}</span>
@@ -880,38 +799,7 @@ app.get("/", async (c) => {
</div>
</div>
</div>
<div class="copyable">
<span class="copyable-label">RSS Feed:</span>
<div class="copyable-content">
<span
class="copyable-value"
data-copy={rssUrl}
title={rssUrl}
>
{rssUrl}
</span>
<div class="copy-icon-container">
<CopyIcon />
<CheckIcon />
</div>
</div>
</div>
<div class="copyable">
<span class="copyable-label">Atom Feed:</span>
<div class="copyable-content">
<span
class="copyable-value"
data-copy={atomUrl}
title={atomUrl}
>
{atomUrl}
</span>
<div class="copy-icon-container">
<CopyIcon />
<CheckIcon />
</div>
</div>
</div>
<FeedFormats feedId={feed.id} env={env} />
</div>
<div class="feed-buttons">
@@ -975,6 +863,9 @@ app.get("/", async (c) => {
);
});
// OPML export (admin-protected)
app.get("/opml", handleOpml);
// Mount sub-routers
app.route("/feeds", feedsRouter);
app.route("/", emailsRouter);
src/routes/admin/emails.tsx
+167 -72
View File
@@ -1,7 +1,16 @@
import { Hono } from "hono";
import { Env, EmailMetadata } from "../../types";
import { logger } from "../../infrastructure/logger";
import { Layout, clampText } from "./ui";
import {
Layout,
clampText,
CopyIcon,
CheckIcon,
FeedFormats,
ExpiryBadge,
NativeFeeds,
} from "./ui";
import { unionNativeFeeds } from "../../domain/native-feed";
import {
deleteAttachmentsForEmails,
deleteKeysWithConcurrency,
@@ -9,10 +18,9 @@ import {
import { FeedRepository } from "../../infrastructure/feed-repository";
import { FeedId } from "../../domain/value-objects/feed-id";
import {
feedRssUrl,
feedAtomUrl,
feedEmailAddress,
baseUrl,
entryPath,
} from "../../infrastructure/urls";
import { processEmailContent } from "../../infrastructure/html-processor";
import { formatBytes } from "../../domain/format";
@@ -24,41 +32,6 @@ type AppEnv = { Bindings: Env };
export const emailsRouter = new Hono<AppEnv>();
// ── Shared SVG icons ──────────────────────────────────────────────────────────
const CopyIcon = () => (
<svg
class="copy-icon copy-icon-original"
width="16"
height="16"
viewBox="0 0 24 24"
fill="none"
stroke="currentColor"
stroke-width="2"
stroke-linecap="round"
stroke-linejoin="round"
>
<rect x="9" y="9" width="13" height="13" rx="2" ry="2"></rect>
<path d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"></path>
</svg>
);
const CheckIcon = () => (
<svg
class="copy-icon copy-icon-success"
width="16"
height="16"
viewBox="0 0 24 24"
fill="none"
stroke="currentColor"
stroke-width="2"
stroke-linecap="round"
stroke-linejoin="round"
>
<path d="M20 6L9 17l-5-5"></path>
</svg>
);
type CopyFieldProps = {
label: string;
value: string;
@@ -169,9 +142,8 @@ emailsRouter.get("/feeds/:feedId/emails", async (c) => {
return c.text("Feed not found", 404);
}
const emailAddress = feedEmailAddress(feedId, env);
const rssUrl = feedRssUrl(feedId, env);
const atomUrl = feedAtomUrl(feedId, env);
const nativeFeeds = unionNativeFeeds(feedMetadata.nativeFeeds);
const emailAddress = feedEmailAddress(feedConfig.mailbox_id, env);
return c.html(
<Layout title={`${feedConfig.title} - Emails`}>
@@ -188,38 +160,57 @@ emailsRouter.get("/feeds/:feedId/emails", async (c) => {
</div>
<div class="card">
<h2>Feed Details</h2>
<div>
<CopyField label="Email Address:" value={emailAddress} />
<CopyField label="RSS Feed:" value={rssUrl} />
<CopyField label="Atom Feed:" value={atomUrl} />
</div>
<div class="feed-validate">
<a
href={`https://validator.w3.org/feed/check.cgi?url=${encodeURIComponent(atomUrl)}`}
target="_blank"
rel="noopener noreferrer"
>
<img
src="https://validator.w3.org/feed/images/valid-atom.png"
alt="[Valid Atom 1.0]"
title="Validate my Atom 1.0 feed"
/>
</a>
<a
href={`https://validator.w3.org/feed/check.cgi?url=${encodeURIComponent(rssUrl)}`}
target="_blank"
rel="noopener noreferrer"
>
<img
src="https://validator.w3.org/feed/images/valid-rss-rogers.png"
alt="[Valid RSS]"
title="Validate my RSS feed"
/>
</a>
</div>
{feedConfig.expires_at && (
<div class="feed-header">
<ExpiryBadge expiresAt={feedConfig.expires_at} />
</div>
)}
<CopyField label="Email:" value={emailAddress} />
<FeedFormats feedId={feedId} env={env} />
<NativeFeeds feeds={nativeFeeds} />
</div>
{feedMetadata.pendingConfirmation && (
<div
class="confirmation-banner"
id="confirmation-banner"
data-feed-id={feedId}
>
<span>A subscription-confirmation email was detected.</span>
<div class="confirmation-banner-actions">
<button
type="button"
class="button button-small"
id="confirmation-dismiss"
>
Mark as confirmed
</button>
</div>
</div>
)}
{nativeFeeds.length > 0 && !feedMetadata.nativeFeedDismissed && (
<div
class="confirmation-banner"
id="native-feed-banner"
data-feed-id={feedId}
>
<span>
This newsletter publishes its own feed subscribe to it directly
from "Native feeds" above.
</span>
<div class="confirmation-banner-actions">
<button
type="button"
class="button button-small"
id="native-feed-dismiss"
>
Dismiss
</button>
</div>
</div>
)}
<h2>
Emails (
<span id="email-total-count">{feedMetadata.emails.length}</span>)
@@ -354,6 +345,7 @@ emailsRouter.get("/feeds/:feedId/emails", async (c) => {
const attachmentLabel = `${attachmentCount} attachment${
attachmentCount > 1 ? "s" : ""
}`;
const isConfirmation = !!email.confirmation;
const sortSubject = subjectHover.toLowerCase();
const sortReceivedAt = String(email.receivedAt);
const searchHaystack = clampText(
@@ -400,6 +392,14 @@ emailsRouter.get("/feeds/:feedId/emails", async (c) => {
</svg>
</span>
) : null}
{isConfirmation ? (
<span
class="confirmation-badge"
title="Subscription confirmation"
>
Confirmation
</span>
) : null}
<span class="truncate" title={subjectHover}>
{subjectDisplay}
</span>
@@ -466,6 +466,13 @@ emailsRouter.get("/emails/:emailKey", async (c) => {
if (!emailData) return c.text("Email not found", 404);
const feedId = repo.feedIdFromEmailKey(emailKey);
const feedConfig = await repo.getConfig(FeedId.unchecked(feedId));
if (!feedConfig) return c.text("Feed not found", 404);
const feedMetadata = await repo.getMetadata(FeedId.unchecked(feedId));
const confirmationLinks =
feedMetadata?.emails.find((e) => e.key === emailKey)?.confirmation?.links ??
[];
// Inline images render in place; only downloadable attachments go in the list.
const attachments = (emailData.attachments ?? []).filter((a) => !a.inline);
@@ -584,10 +591,38 @@ emailsRouter.get("/emails/:emailKey", async (c) => {
value={new Date(emailData.receivedAt).toLocaleString()}
/>
<SenderField from={emailData.from} feedId={feedId} />
<CopyField label="To:" value={feedEmailAddress(feedId, env)} />
<CopyField
label="To:"
value={feedEmailAddress(feedConfig.mailbox_id, env)}
/>
</div>
</div>
{confirmationLinks.length > 0 && (
<div class="confirmation-section">
<h2>Confirm your subscription</h2>
<p class="muted">
This looks like a subscription-confirmation email. Open the link
to confirm.
</p>
<a
class="button confirmation-primary"
href={confirmationLinks[0]}
target="_blank"
rel="noopener noreferrer"
>
Confirm subscription
</a>
<div class="confirmation-links">
{confirmationLinks.map((link) => (
<a href={link} target="_blank" rel="noopener noreferrer">
{link}
</a>
))}
</div>
</div>
)}
<div class="toggle-view">
<button
id="rendered-button"
@@ -599,6 +634,14 @@ emailsRouter.get("/emails/:emailKey", async (c) => {
<button id="raw-button" class="toggle-button" onclick="showRaw()">
Raw HTML
</button>
<a
class="toggle-view-link"
href={entryPath(feedId, emailData.receivedAt)}
target="_blank"
rel="noopener noreferrer"
>
Public page
</a>
</div>
<div class="email-content">
@@ -690,6 +733,58 @@ emailsRouter.post("/emails/:emailKey/delete", async (c) => {
}
});
// ── Dismiss confirmation ──────────────────────────────────────────────────────
emailsRouter.post("/feeds/:feedId/confirmation/dismiss", async (c) => {
const env = c.env;
const repo = FeedRepository.from(env);
const feedId = c.req.param("feedId");
const wantsJson = (
c.req.header("Accept") ||
c.req.header("Content-Type") ||
""
).includes("application/json");
const feed = await repo.load(FeedId.unchecked(feedId));
if (!feed) {
return wantsJson
? c.json({ ok: false, error: "Feed not found" }, 404)
: c.text("Feed not found", 404);
}
feed.dismissConfirmation();
await repo.saveMetadata(feed);
return wantsJson
? c.json({ ok: true })
: c.redirect(`/admin/feeds/${feedId}/emails`);
});
// ── Dismiss native-feed notice ───────────────────────────────────────────────
emailsRouter.post("/feeds/:feedId/native-feed/dismiss", async (c) => {
const env = c.env;
const repo = FeedRepository.from(env);
const feedId = c.req.param("feedId");
const wantsJson = (
c.req.header("Accept") ||
c.req.header("Content-Type") ||
""
).includes("application/json");
const feed = await repo.load(FeedId.unchecked(feedId));
if (!feed) {
return wantsJson
? c.json({ ok: false, error: "Feed not found" }, 404)
: c.text("Feed not found", 404);
}
feed.dismissNativeFeed();
await repo.saveMetadata(feed);
return wantsJson
? c.json({ ok: true })
: c.redirect(`/admin/feeds/${feedId}/emails`);
});
// ── Bulk delete emails ────────────────────────────────────────────────────────
emailsRouter.post("/feeds/:feedId/emails/bulk-delete", async (c) => {
src/routes/admin/feeds.tsx
+22 -6
View File
@@ -70,7 +70,6 @@ feedsRouter.post("/create", async (c) => {
let title: string;
let description: string | undefined;
let language: string;
let view: string;
let allowedSenders: string[];
let blockedSenders: string[];
let lifetimeHoursRaw: string | undefined;
@@ -81,7 +80,6 @@ feedsRouter.post("/create", async (c) => {
description =
body.description != null ? String(body.description) : undefined;
language = String(body.language ?? "en");
view = "list";
allowedSenders = Array.isArray(body.allowedSenders)
? normalizeAllowedSenders(
(body.allowedSenders as unknown[]).map(String),
@@ -99,7 +97,6 @@ feedsRouter.post("/create", async (c) => {
title = formData.get("title")?.toString() || "";
description = formData.get("description")?.toString();
language = formData.get("language")?.toString() || "en";
view = formData.get("view")?.toString() === "table" ? "table" : "list";
allowedSenders = parseAllowedSenders(
formData.get("allowed_senders")?.toString() || "",
);
@@ -121,7 +118,7 @@ feedsRouter.post("/create", async (c) => {
? parseInt(lifetimeHoursRaw, 10)
: undefined;
const { feedId } = await createFeedRecord(env, {
const { feedId, mailboxId } = await createFeedRecord(env, {
title: parsedData.title,
description: parsedData.description,
language: parsedData.language,
@@ -133,12 +130,12 @@ feedsRouter.post("/create", async (c) => {
if (isJson) {
return c.json({
feedId,
email: feedEmailAddress(feedId, env),
email: feedEmailAddress(mailboxId, env),
feedUrl: feedRssUrl(feedId, env),
});
}
return c.redirect(`/admin?view=${view}#your-feeds`);
return c.redirect(`/admin/feeds/${feedId}/emails`);
} catch (error) {
logger.error("Error creating feed", { error: String(error) });
if (c.req.header("Content-Type")?.includes("application/json")) {
@@ -272,6 +269,23 @@ feedsRouter.get("/:feedId/edit", async (c) => {
</small>
</div>
<div class="form-group">
<label class="checkbox-label">
<input
type="checkbox"
name="sender_in_title"
value="true"
checked={feedConfig.sender_in_title ?? false}
disabled={isExpired}
/>
Show sender in entry titles
</label>
<small>
Render each entry's title as <code>[Sender] Subject</code> for
at-a-glance scanning in your reader.
</small>
</div>
<div class="form-group">
<label for="lifetime_hours">Lifetime (hours)</label>
<input
@@ -325,6 +339,7 @@ feedsRouter.post("/:feedId/edit", async (c) => {
const blockedSenders = parseAllowedSenders(
formData.get("blocked_senders")?.toString() || "",
);
const senderInTitle = formData.get("sender_in_title") === "true";
const lifetimeHoursRaw = formData.get("lifetime_hours")?.toString();
const parsedData = updateFeedSchema.parse({
@@ -341,6 +356,7 @@ feedsRouter.post("/:feedId/edit", async (c) => {
language: parsedData.language,
allowedSenders: parsedData.allowedSenders,
blockedSenders: parsedData.blockedSenders,
senderInTitle,
lifetimeHours: lifetimeHoursRaw
? parseInt(lifetimeHoursRaw, 10)
: undefined,
src/routes/admin/ui.tsx
+236
View File
@@ -3,7 +3,15 @@ import layoutCss from "../../styles/layout.css";
import componentsCss from "../../styles/components.css";
import utilitiesCss from "../../styles/utilities.css";
import { interactiveScripts } from "../../scripts/index";
import { APP_VERSION } from "../../config/version";
import { FAVICON_PATH } from "../favicon";
import { Env } from "../../types";
import type { NativeFeed } from "../../types";
import {
feedFormatUrl,
feedValidatorUrl,
type FeedFormat,
} from "../../infrastructure/urls";
const designSystem = [
variablesCss,
@@ -71,6 +79,10 @@ export const Layout = ({ title, label = "admin", children }: LayoutProps) => {
>
Sponsor
</a>
<span class="site-footer-sep" aria-hidden="true">
·
</span>
<span class="site-footer-version">v{APP_VERSION}</span>
</footer>
</body>
</html>
@@ -89,3 +101,227 @@ export function clampText(value: string, maxLen: number): string {
}
return `${raw.slice(0, maxLen - 3).trimEnd()}...`;
}
// ── Shared SVG icons ──────────────────────────────────────────────────────────
export const CopyIcon = () => (
<svg
class="copy-icon copy-icon-original"
width="16"
height="16"
viewBox="0 0 24 24"
fill="none"
stroke="currentColor"
stroke-width="2"
stroke-linecap="round"
stroke-linejoin="round"
>
<rect x="9" y="9" width="13" height="13" rx="2" ry="2"></rect>
<path d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"></path>
</svg>
);
export const CheckIcon = () => (
<svg
class="copy-icon copy-icon-success"
width="16"
height="16"
viewBox="0 0 24 24"
fill="none"
stroke="currentColor"
stroke-width="2"
stroke-linecap="round"
stroke-linejoin="round"
>
<path d="M20 6L9 17l-5-5"></path>
</svg>
);
const OpenIcon = () => (
<svg
class="chip-icon"
width="14"
height="14"
viewBox="0 0 24 24"
fill="none"
stroke="currentColor"
stroke-width="2"
stroke-linecap="round"
stroke-linejoin="round"
aria-hidden="true"
>
<path d="M18 13v6a2 2 0 0 1-2 2H5a2 2 0 0 1-2-2V8a2 2 0 0 1 2-2h6"></path>
<polyline points="15 3 21 3 21 9"></polyline>
<line x1="10" y1="14" x2="21" y2="3"></line>
</svg>
);
const ValidateIcon = () => (
<svg
class="chip-icon"
width="14"
height="14"
viewBox="0 0 24 24"
fill="none"
stroke="currentColor"
stroke-width="2"
stroke-linecap="round"
stroke-linejoin="round"
aria-hidden="true"
>
<path d="M22 11.08V12a10 10 0 1 1-5.93-9.14"></path>
<polyline points="22 4 12 14.01 9 11.01"></polyline>
</svg>
);
// ── Feed format chips ("Subscribe" block) ─────────────────────────────────────
const FORMAT_LABELS: Record<FeedFormat, string> = {
rss: "RSS",
atom: "Atom",
json: "JSON",
};
// One copyable feed chip: copy + open, plus an optional validate action.
// Shared by the KTN "Subscribe" formats and the detected native feeds, so the
// copy-script markup (`copyable-value`/`data-copy`) stays identical in one place.
const FeedChip = ({
label,
format,
url,
validateUrl,
}: {
label: string;
format: FeedFormat;
url: string;
validateUrl?: string;
}) => (
<div class="format-chip" data-format={format}>
<span class="format-chip-label">{label}</span>
<span class="format-chip-actions">
<span class="copyable copyable-chip">
<span
class="copyable-content"
title={`Copy ${label} feed URL`}
aria-label={`Copy ${label} feed URL`}
>
<span class="copyable-value" data-copy={url} hidden></span>
<span class="copy-icon-container">
<CopyIcon />
<CheckIcon />
</span>
</span>
</span>
<a
class="chip-action"
href={url}
target="_blank"
rel="noopener noreferrer"
title={`Open ${label} feed in a new tab`}
aria-label={`Open ${label} feed in a new tab`}
>
<OpenIcon />
</a>
{validateUrl && (
<a
class="chip-action"
href={validateUrl}
target="_blank"
rel="noopener noreferrer"
title={`Validate ${label} feed`}
aria-label={`Validate ${label} feed`}
>
<ValidateIcon />
</a>
)}
</span>
</div>
);
const FormatChip = ({
format,
feedId,
env,
}: {
format: FeedFormat;
feedId: string;
env: Env;
}) => (
<FeedChip
label={FORMAT_LABELS[format]}
format={format}
url={feedFormatUrl(format, feedId, env)}
validateUrl={feedValidatorUrl(format, feedId, env)}
/>
);
export const FeedFormats = ({
feedId,
env,
compact,
}: {
feedId: string;
env: Env;
compact?: boolean;
}) => (
<div class={`feed-formats${compact ? " feed-formats-compact" : ""}`}>
{!compact && <span class="feed-formats-label">Subscribe</span>}
<div class="feed-formats-chips">
<FormatChip format="rss" feedId={feedId} env={env} />
<FormatChip format="atom" feedId={feedId} env={env} />
<FormatChip format="json" feedId={feedId} env={env} />
</div>
</div>
);
// ── Native feed chips ─────────────────────────────────────────────────────────
export const NativeFeeds = ({ feeds }: { feeds: NativeFeed[] }) => {
if (feeds.length === 0) return null;
return (
<div class="feed-formats native-feeds">
<span class="feed-formats-label">Native feeds</span>
<div class="feed-formats-chips">
{feeds.map((feed) => (
<FeedChip
key={feed.url}
label={FORMAT_LABELS[feed.type]}
format={feed.type}
url={feed.url}
/>
))}
</div>
</div>
);
};
// ── Expiry pill ───────────────────────────────────────────────────────────────
function formatExpiry(expiresAt: number): { label: string; expired: boolean } {
const remaining = expiresAt - Date.now();
if (remaining <= 0) {
const h = Math.floor(-remaining / 3_600_000);
return {
label: h > 0 ? `Expired ${h}h ago` : "Just expired",
expired: true,
};
}
const h = Math.floor(remaining / 3_600_000);
if (h >= 48) {
return { label: `Expires in ${Math.floor(h / 24)}d`, expired: false };
}
const m = Math.floor((remaining % 3_600_000) / 60_000);
return {
label: h > 0 ? `Expires in ${h}h ${m}m` : `Expires in ${m}m`,
expired: false,
};
}
export const ExpiryBadge = ({ expiresAt }: { expiresAt: number }) => {
const { label, expired } = formatExpiry(expiresAt);
return (
<span class={`pill ${expired ? "pill-expired" : "pill-expiry"}`}>
{label}
</span>
);
};
src/routes/api/api.test.ts
+97
View File
@@ -3,6 +3,8 @@ import { Hono } from "hono";
import { apiApp } from "./index";
import { createMockEnv } from "../../test/setup";
import { Env } from "../../types";
import { FeedRepository } from "../../infrastructure/feed-repository";
import { FeedId } from "../../domain/value-objects/feed-id";
const PASSWORD = "test-password";
const authHeaders = { Authorization: `Bearer ${PASSWORD}` };
@@ -143,6 +145,40 @@ describe("REST API (/api/v1)", () => {
expect(afterList.feeds.map((f) => f.id)).not.toContain(created.id);
});
it("defaults senderInTitle to false and lets it be set on create and update", async () => {
const createRes = await request("/api/v1/feeds", {
method: "POST",
headers: { ...authHeaders, "Content-Type": "application/json" },
body: JSON.stringify({ title: "Title Feed" }),
});
const created = (await createRes.json()) as {
id: string;
senderInTitle: boolean;
};
expect(created.senderInTitle).toBe(false);
const setRes = await request("/api/v1/feeds", {
method: "POST",
headers: { ...authHeaders, "Content-Type": "application/json" },
body: JSON.stringify({ title: "Prefixed Feed", senderInTitle: true }),
});
const set = (await setRes.json()) as {
id: string;
senderInTitle: boolean;
};
expect(set.senderInTitle).toBe(true);
const patchRes = await request(`/api/v1/feeds/${set.id}`, {
method: "PATCH",
headers: { ...authHeaders, "Content-Type": "application/json" },
body: JSON.stringify({ senderInTitle: false }),
});
expect(patchRes.status).toBe(200);
expect(
(await patchRes.json()) as { senderInTitle: boolean },
).toMatchObject({ senderInTitle: false });
});
it("returns 400 for an invalid create body", async () => {
const res = await request("/api/v1/feeds", {
method: "POST",
@@ -178,6 +214,65 @@ describe("REST API (/api/v1)", () => {
});
});
describe("nativeFeeds field", () => {
it("returns nativeFeeds as empty array for a brand-new feed", async () => {
const feedId = await createFeed("Native Feed Test");
const res = await request(`/api/v1/feeds/${feedId}`, {
headers: authHeaders,
});
expect(res.status).toBe(200);
const body = (await res.json()) as { nativeFeeds: unknown };
expect(body.nativeFeeds).toEqual([]);
});
it("returns nativeFeeds populated when the feed metadata has native feeds", async () => {
const feedId = await createFeed("Native Feed With Data");
const id = FeedId.unchecked(feedId);
const repo = FeedRepository.from(mockEnv);
const feed = await repo.load(id);
expect(feed).not.toBeNull();
const receivedAt = Date.now();
feed!.ingest(
{
key: `feed:${feedId}:email:${receivedAt}`,
subject: "Newsletter",
receivedAt,
},
{
maxBytes: 1e9,
nativeFeeds: {
senderKey: "author@blog.example.com",
feeds: [{ url: "https://blog.example.com/feed.xml", type: "rss" }],
},
},
);
await repo.save(feed!);
const res = await request(`/api/v1/feeds/${feedId}`, {
headers: authHeaders,
});
expect(res.status).toBe(200);
const body = (await res.json()) as {
nativeFeeds: { url: string; type: string }[];
};
expect(body.nativeFeeds).toEqual([
{ url: "https://blog.example.com/feed.xml", type: "rss" },
]);
});
it("PATCH response also includes nativeFeeds", async () => {
const feedId = await createFeed("Patch Native Feed Test");
const res = await request(`/api/v1/feeds/${feedId}`, {
method: "PATCH",
headers: { ...authHeaders, "Content-Type": "application/json" },
body: JSON.stringify({ title: "Updated Title" }),
});
expect(res.status).toBe(200);
const body = (await res.json()) as { nativeFeeds: unknown };
expect(body.nativeFeeds).toEqual([]);
});
});
describe("Emails", () => {
it("lists, reads and deletes an email", async () => {
const feedId = await createFeed();
@@ -261,10 +356,12 @@ describe("REST API (/api/v1)", () => {
feeds_created: number;
active_feeds: number;
attachments_enabled: boolean;
version: string;
};
expect(stats.feeds_created).toBeGreaterThanOrEqual(1);
expect(stats.active_feeds).toBeGreaterThanOrEqual(1);
expect(typeof stats.attachments_enabled).toBe("boolean");
expect(stats.version).toMatch(/^\d+\.\d+\.\d+/);
});
});
src/routes/api/index.ts
+24 -6
View File
@@ -1,7 +1,8 @@
import { OpenAPIHono, createRoute, z } from "@hono/zod-openapi";
import { cors } from "hono/cors";
import { Scalar } from "@scalar/hono-api-reference";
import { Env, FeedConfig } from "../../types";
import { Env, FeedConfig, NativeFeed } from "../../types";
import { unionNativeFeeds } from "../../domain/native-feed";
import { apiAuthMiddleware } from "../../infrastructure/auth";
import {
createFeedRecord,
@@ -51,6 +52,7 @@ function toFeed(
config: FeedConfig,
emailCount: number,
env: Env,
nativeFeeds: NativeFeed[],
): z.infer<typeof FeedSchema> {
return {
id,
@@ -59,13 +61,15 @@ function toFeed(
language: config.language,
allowedSenders: config.allowed_senders ?? [],
blockedSenders: config.blocked_senders ?? [],
senderInTitle: config.sender_in_title ?? false,
createdAt: config.created_at,
updatedAt: config.updated_at,
expiresAt: config.expires_at,
emailCount,
emailAddress: feedEmailAddress(id, env),
emailAddress: feedEmailAddress(config.mailbox_id, env),
rssUrl: feedRssUrl(id, env),
atomUrl: feedAtomUrl(id, env),
nativeFeeds,
};
}
@@ -117,7 +121,7 @@ apiApp.openapi(
title: f.title,
description: f.description,
expiresAt: f.expires_at,
emailAddress: feedEmailAddress(f.id, env),
emailAddress: feedEmailAddress(f.mailbox_id, env),
rssUrl: feedRssUrl(f.id, env),
atomUrl: feedAtomUrl(f.id, env),
})),
@@ -152,9 +156,10 @@ apiApp.openapi(
language: body.language,
allowedSenders: normalizeSenders(body.allowedSenders) ?? [],
blockedSenders: normalizeSenders(body.blockedSenders) ?? [],
senderInTitle: body.senderInTitle,
lifetimeHours: body.lifetimeHours,
});
return c.json(toFeed(feedId, config, 0, env), 201);
return c.json(toFeed(feedId, config, 0, env, []), 201);
},
);
@@ -181,7 +186,13 @@ apiApp.openapi(
if (!config) return c.json({ error: "Feed not found" }, 404);
const metadata = await repo.getMetadata(id);
return c.json(
toFeed(feedId, config, metadata?.emails.length ?? 0, env),
toFeed(
feedId,
config,
metadata?.emails.length ?? 0,
env,
unionNativeFeeds(metadata?.nativeFeeds),
),
200,
);
},
@@ -217,6 +228,7 @@ apiApp.openapi(
language: body.language,
allowedSenders: normalizeSenders(body.allowedSenders),
blockedSenders: normalizeSenders(body.blockedSenders),
senderInTitle: body.senderInTitle,
lifetimeHours: body.lifetimeHours,
});
if (result.status === "not_found")
@@ -225,7 +237,13 @@ apiApp.openapi(
return c.json({ error: "Feed has expired and cannot be modified" }, 409);
const metadata = await FeedRepository.from(env).getMetadata(id);
return c.json(
toFeed(feedId, result.config, metadata?.emails.length ?? 0, env),
toFeed(
feedId,
result.config,
metadata?.emails.length ?? 0,
env,
unionNativeFeeds(metadata?.nativeFeeds),
),
200,
);
},
src/routes/api/schemas.ts
+21 -1
View File
@@ -14,7 +14,9 @@ export const FeedIdParam = z.object({
.min(1)
.openapi({
param: { name: "feedId", in: "path" },
example: "happy-otter-1234",
description:
"The feed's opaque id (the read id in /rss/:feedId), not the inbound address.",
example: "kZ8xQ2pLm4nR7vT1wB9yJc",
}),
});
@@ -37,6 +39,10 @@ export const FeedCreateSchema = z
language: z.string().optional().default("en"),
allowedSenders: z.array(z.string()).optional().default([]),
blockedSenders: z.array(z.string()).optional().default([]),
senderInTitle: z.boolean().optional().openapi({
description:
"Render entry titles as `[Sender] Subject` in the feed output.",
}),
lifetimeHours: z.number().int().positive().optional().openapi({
description:
"Hours until the feed expires. Ignored when the server enforces a fixed FEED_TTL_HOURS.",
@@ -51,6 +57,10 @@ export const FeedUpdateSchema = z
language: z.string().optional(),
allowedSenders: z.array(z.string()).optional(),
blockedSenders: z.array(z.string()).optional(),
senderInTitle: z.boolean().optional().openapi({
description:
"Render entry titles as `[Sender] Subject` in the feed output.",
}),
lifetimeHours: z.number().int().positive().optional().openapi({
description: "Reset the feed's lifetime to this many hours from now.",
}),
@@ -81,6 +91,7 @@ export const FeedSchema = z
language: z.string(),
allowedSenders: z.array(z.string()),
blockedSenders: z.array(z.string()),
senderInTitle: z.boolean(),
createdAt: z.number(),
updatedAt: z.number().optional(),
expiresAt: z.number().optional(),
@@ -88,6 +99,12 @@ export const FeedSchema = z
emailAddress: z.string(),
rssUrl: z.string(),
atomUrl: z.string(),
nativeFeeds: z.array(
z.object({
url: z.string(),
type: z.enum(["rss", "atom", "json"]),
}),
),
})
.openapi("Feed");
@@ -143,6 +160,9 @@ export const StatsSchema = z
active_feeds: z.number(),
websub_subscriptions_active: z.number(),
attachments_enabled: z.boolean(),
version: z.string().openapi({
description: "Running app version (package.json), inlined at build time.",
}),
last_email_at: z.string().optional(),
last_feed_created_at: z.string().optional(),
first_seen: z.string().optional(),
src/routes/atom.test.ts
+113
View File
@@ -144,4 +144,117 @@ describe("Atom Feed Route", () => {
expect(body).toContain('xmlns="http://www.w3.org/2005/Atom"');
});
});
describe("conditional GET (ETag + Last-Modified)", () => {
const FEED_ID = "test-feed-atom-cget";
const EMAIL_RECEIVED_AT = 1700000001000;
beforeEach(async () => {
const emailKey = `feed:${FEED_ID}:${EMAIL_RECEIVED_AT}`;
await mockEnv.EMAIL_STORAGE.put(
emailKey,
JSON.stringify({
subject: "Atom Subject",
from: "Sender <sender@example.com>",
content: "<p>Body</p>",
receivedAt: EMAIL_RECEIVED_AT,
headers: {},
}),
);
await mockEnv.EMAIL_STORAGE.put(
`feed:${FEED_ID}:metadata`,
JSON.stringify({
emails: [
{
key: emailKey,
subject: "Atom Subject",
receivedAt: EMAIL_RECEIVED_AT,
},
],
}),
);
await mockEnv.EMAIL_STORAGE.put(
`feed:${FEED_ID}:config`,
JSON.stringify({
title: "Atom Cget Feed",
language: "en",
created_at: 1700000000000,
}),
);
});
it("first GET returns 200 with ETag and Last-Modified headers", async () => {
const res = await testApp.request(`/${FEED_ID}`, {}, mockEnv);
expect(res.status).toBe(200);
expect(res.headers.get("ETag")).toBeTruthy();
expect(res.headers.get("Last-Modified")).toBeTruthy();
});
it("GET with matching If-None-Match returns 304 with empty body", async () => {
const first = await testApp.request(`/${FEED_ID}`, {}, mockEnv);
const etag = first.headers.get("ETag")!;
const res = await testApp.request(
`/${FEED_ID}`,
{ headers: { "If-None-Match": etag } },
mockEnv,
);
expect(res.status).toBe(304);
expect(await res.text()).toBe("");
});
it("GET with If-Modified-Since in the future returns 304", async () => {
const future = new Date(EMAIL_RECEIVED_AT + 1000).toUTCString();
const res = await testApp.request(
`/${FEED_ID}`,
{ headers: { "If-Modified-Since": future } },
mockEnv,
);
expect(res.status).toBe(304);
});
it("stale If-None-Match after new email results in 200", async () => {
const first = await testApp.request(`/${FEED_ID}`, {}, mockEnv);
const oldEtag = first.headers.get("ETag")!;
const newReceivedAt = EMAIL_RECEIVED_AT + 5000;
const newEmailKey = `feed:${FEED_ID}:${newReceivedAt}`;
await mockEnv.EMAIL_STORAGE.put(
newEmailKey,
JSON.stringify({
subject: "Newer Atom Email",
from: "Sender <sender@example.com>",
content: "<p>New body</p>",
receivedAt: newReceivedAt,
headers: {},
}),
);
await mockEnv.EMAIL_STORAGE.put(
`feed:${FEED_ID}:metadata`,
JSON.stringify({
emails: [
{
key: newEmailKey,
subject: "Newer Atom Email",
receivedAt: newReceivedAt,
},
{
key: `feed:${FEED_ID}:${EMAIL_RECEIVED_AT}`,
subject: "Atom Subject",
receivedAt: EMAIL_RECEIVED_AT,
},
],
}),
);
const res = await testApp.request(
`/${FEED_ID}`,
{ headers: { "If-None-Match": oldEtag } },
mockEnv,
);
expect(res.status).toBe(200);
const newEtag = res.headers.get("ETag");
expect(newEtag).not.toBe(oldEtag);
});
});
});
src/routes/atom.ts
+18
View File
@@ -5,6 +5,11 @@ import { fetchFeedData } from "../application/feed-fetcher";
import { baseUrl, feedAtomUrl } from "../infrastructure/urls";
import { isExpired } from "../domain/feed";
import { FeedId } from "../domain/value-objects/feed-id";
import {
computeFeedValidators,
isNotModified,
notModifiedResponse,
} from "../infrastructure/http-cache";
export async function handle(c: Context<{ Bindings: Env }>): Promise<Response> {
try {
@@ -21,6 +26,17 @@ export async function handle(c: Context<{ Bindings: Env }>): Promise<Response> {
return new Response("Feed has expired", { status: 410 });
}
const validators = computeFeedValidators(
"atom",
feedId,
feedData.feedConfig,
feedData.emails,
);
if (isNotModified(c.req.raw, validators)) {
return notModifiedResponse(validators);
}
const base = baseUrl(c.env);
const selfUrl = new URL(c.req.url).origin + `/atom/${feedId}`;
const atomXml = generateAtomFeed(
@@ -42,6 +58,8 @@ export async function handle(c: Context<{ Bindings: Env }>): Promise<Response> {
"Cache-Control": "max-age=1800",
"X-Robots-Tag": "noindex",
Link: linkHeader,
ETag: validators.etag,
"Last-Modified": validators.lastModified,
},
});
} catch (error) {
src/routes/home.tsx
+1
View File
@@ -166,6 +166,7 @@ export async function handle(c: Context<{ Bindings: Env }>): Promise<Response> {
label="Forwarded (catch-all)"
value={stats.emails_forwarded}
/>
<Stat label="Deduplicated" value={stats.emails_deduplicated} />
<Stat
label="Acceptance rate"
value={acceptanceRate}
src/routes/inbound.test.ts
+6 -3
View File
@@ -1,7 +1,7 @@
import { describe, it, expect, beforeEach } from "vitest";
import { http, HttpResponse } from "msw";
import worker from "../index";
import { server, createMockEnv, MockR2 } from "../test/setup";
import { server, createMockEnv, MockR2, seedInboundIndex } from "../test/setup";
import type { Env } from "../types";
import type { ForwardEmailPayload } from "../infrastructure/forwardemail";
@@ -64,6 +64,7 @@ describe("POST /api/inbound — IP middleware", () => {
`feed:${VALID_FEED_ID}:config`,
JSON.stringify({ allowed_senders: [] }),
);
await seedInboundIndex(env, VALID_FEED_ID);
});
it("returns 401 when IP is not in the ForwardEmail allowlist", async () => {
@@ -99,9 +100,10 @@ describe("POST /api/inbound — IP middleware", () => {
describe("POST /api/inbound — handler logic", () => {
let env: Env;
beforeEach(() => {
beforeEach(async () => {
stubForwardEmailIps();
env = createMockEnv() as unknown as Env;
await seedInboundIndex(env, VALID_FEED_ID);
});
it("returns 500 on malformed JSON body", async () => {
@@ -232,9 +234,10 @@ describe("POST /api/inbound — handler logic", () => {
describe("POST /api/inbound — attachment upload", () => {
let env: Env;
beforeEach(() => {
beforeEach(async () => {
stubForwardEmailIps();
env = createMockEnv({ withR2: true }) as unknown as Env;
await seedInboundIndex(env, VALID_FEED_ID);
});
it("uploads attachments to R2 and records ids in metadata", async () => {
src/routes/json.test.ts
+143
View File
@@ -0,0 +1,143 @@
import { describe, it, expect, beforeEach } from "vitest";
import { Hono } from "hono";
import { handle } from "./json";
import { createMockEnv } from "../test/setup";
import { Env } from "../types";
describe("JSON Feed Route", () => {
let testApp: Hono;
let mockEnv: Env;
beforeEach(() => {
mockEnv = createMockEnv() as unknown as Env;
testApp = new Hono();
testApp.get("/:feedId", handle);
});
describe("unknown feed", () => {
it("returns 404 when no metadata exists in KV", async () => {
const res = await testApp.request("/nonexistent-feed", {}, mockEnv);
expect(res.status).toBe(404);
expect(await res.text()).toBe("Feed not found");
});
});
describe("valid feed with no emails", () => {
beforeEach(async () => {
await mockEnv.EMAIL_STORAGE.put(
"feed:empty-feed:metadata",
JSON.stringify({ emails: [] }),
);
});
it("returns 200 with application/feed+json content type", async () => {
const res = await testApp.request("/empty-feed", {}, mockEnv);
expect(res.status).toBe(200);
expect(res.headers.get("Content-Type")).toContain(
"application/feed+json",
);
});
it("includes Cache-Control header", async () => {
const res = await testApp.request("/empty-feed", {}, mockEnv);
expect(res.headers.get("Cache-Control")).toBe("max-age=1800");
});
it("sets X-Robots-Tag: noindex", async () => {
const res = await testApp.request("/empty-feed", {}, mockEnv);
expect(res.headers.get("X-Robots-Tag")).toBe("noindex");
});
it("Link header advertises hub and self", async () => {
const res = await testApp.request("/empty-feed", {}, mockEnv);
const link = res.headers.get("Link") ?? "";
expect(link).toContain(`rel="hub"`);
expect(link).toContain(`rel="self"`);
});
it("body parses as JSON with jsonfeed version 1.1", async () => {
const res = await testApp.request("/empty-feed", {}, mockEnv);
const body = (await res.json()) as { version: string; items: unknown[] };
expect(body.version).toBe("https://jsonfeed.org/version/1");
expect(Array.isArray(body.items)).toBe(true);
expect(body.items).toHaveLength(0);
});
});
describe("valid feed with emails", () => {
const FEED_ID = "test-feed-json";
const EMAIL_RECEIVED_AT = 1700000001000;
beforeEach(async () => {
const emailKey = `feed:${FEED_ID}:${EMAIL_RECEIVED_AT}`;
await mockEnv.EMAIL_STORAGE.put(
emailKey,
JSON.stringify({
subject: "JSON Feed Subject",
from: "Sender <sender@example.com>",
content: "<p>Body content</p>",
receivedAt: EMAIL_RECEIVED_AT,
headers: {},
}),
);
await mockEnv.EMAIL_STORAGE.put(
`feed:${FEED_ID}:metadata`,
JSON.stringify({
emails: [
{
key: emailKey,
subject: "JSON Feed Subject",
receivedAt: EMAIL_RECEIVED_AT,
},
],
}),
);
await mockEnv.EMAIL_STORAGE.put(
`feed:${FEED_ID}:config`,
JSON.stringify({
title: "My JSON Feed",
language: "en",
created_at: 1700000000000,
}),
);
});
it("returns 200 with items containing the seeded email", async () => {
const res = await testApp.request(`/${FEED_ID}`, {}, mockEnv);
expect(res.status).toBe(200);
const body = (await res.json()) as {
version: string;
items: Array<{ title: string }>;
};
expect(body.version).toBe("https://jsonfeed.org/version/1");
expect(Array.isArray(body.items)).toBe(true);
expect(body.items).toHaveLength(1);
expect(body.items[0].title).toBe("JSON Feed Subject");
});
});
describe("expired feed", () => {
beforeEach(async () => {
const pastTimestamp = Date.now() - 1000 * 60 * 60 * 24; // 1 day ago
await mockEnv.EMAIL_STORAGE.put(
"feed:expired-feed:metadata",
JSON.stringify({ emails: [] }),
);
await mockEnv.EMAIL_STORAGE.put(
"feed:expired-feed:config",
JSON.stringify({
title: "Expired Feed",
language: "en",
created_at: pastTimestamp,
expires_at: pastTimestamp,
}),
);
});
it("returns 410 for expired feed", async () => {
const res = await testApp.request("/expired-feed", {}, mockEnv);
expect(res.status).toBe(410);
expect(await res.text()).toBe("Feed has expired");
});
});
});
src/routes/json.ts
+51
View File
@@ -0,0 +1,51 @@
import { Context } from "hono";
import { Env } from "../types";
import { generateJsonFeed } from "../infrastructure/feed-generator";
import { fetchFeedData } from "../application/feed-fetcher";
import { baseUrl } from "../infrastructure/urls";
import { isExpired } from "../domain/feed";
import { FeedId } from "../domain/value-objects/feed-id";
export async function handle(c: Context<{ Bindings: Env }>): Promise<Response> {
try {
const feedId = c.req.param("feedId");
if (!feedId) {
return new Response("Feed ID is required", { status: 400 });
}
const feedData = await fetchFeedData(FeedId.unchecked(feedId), c.env);
if (!feedData) {
return new Response("Feed not found", { status: 404 });
}
if (isExpired(feedData.feedConfig)) {
return new Response("Feed has expired", { status: 410 });
}
const base = baseUrl(c.env);
const selfUrl = new URL(c.req.url).origin + `/json/${feedId}`;
const jsonFeed = generateJsonFeed(
feedData.feedConfig,
feedData.emails,
base,
feedId,
selfUrl,
);
const linkHeader = [
`<${base}/hub>; rel="hub"`,
`<${selfUrl}>; rel="self"`,
].join(", ");
return new Response(jsonFeed, {
status: 200,
headers: {
"Content-Type": "application/feed+json",
"Cache-Control": "max-age=1800",
"X-Robots-Tag": "noindex",
Link: linkHeader,
},
});
} catch (error) {
console.error("Error generating JSON feed:", error);
return new Response("Internal Server Error", { status: 500 });
}
}
src/routes/opml.test.ts
+139
View File
@@ -0,0 +1,139 @@
import { describe, it, expect, beforeEach } from "vitest";
import { Hono } from "hono";
import app from "./admin";
import { createMockEnv } from "../test/setup";
import { Env } from "../types";
describe("OPML export — GET /admin/opml", () => {
let testApp: Hono;
let mockEnv: Env;
let request: (path: string, init?: RequestInit) => Promise<Response>;
let loginAndGetCookie: () => Promise<string>;
beforeEach(() => {
mockEnv = createMockEnv() as unknown as Env;
testApp = new Hono();
testApp.route("/admin", app);
request = (path, init = {}) =>
Promise.resolve(testApp.request(path, init, mockEnv));
loginAndGetCookie = async () => {
const formData = new FormData();
formData.append("password", "test-password");
const response = await request("/admin/login", {
method: "POST",
body: formData,
});
expect(response.status).toBe(302);
const setCookie = response.headers.get("Set-Cookie");
expect(setCookie).toBeTruthy();
return (setCookie as string).split(";")[0];
};
});
it("should return 302 redirect to login when not authenticated", async () => {
const res = await request("/admin/opml");
expect(res.status).toBe(302);
expect(res.headers.get("Location")).toBe("/admin/login");
});
it("should return 200 with OPML content when authenticated", async () => {
// Seed two feeds in the registry
await mockEnv.EMAIL_STORAGE.put(
"feeds:list",
JSON.stringify({
feeds: [
{ id: "feed-abc", title: "My Newsletter", description: "Daily news" },
{ id: "feed-xyz", title: "Tech Digest" },
],
}),
);
const authCookie = await loginAndGetCookie();
const res = await request("/admin/opml", {
headers: {
Cookie: authCookie,
Origin: "https://test.getmynews.app",
},
});
expect(res.status).toBe(200);
const contentType = res.headers.get("Content-Type") ?? "";
expect(contentType).toContain("text/x-opml");
expect(res.headers.get("Content-Disposition")).toBe(
'attachment; filename="feeds.opml"',
);
expect(res.headers.get("X-Robots-Tag")).toBe("noindex");
const body = await res.text();
// Valid OPML 2.0 structure
expect(body).toContain('<?xml version="1.0" encoding="UTF-8"?>');
expect(body).toContain('<opml version="2.0">');
expect(body).toContain("<head>");
expect(body).toContain("<title>kill-the-news feeds</title>");
expect(body).toContain("<body>");
// One outline per feed with correct xmlUrl
expect(body).toContain('type="rss"');
expect(body).toContain('text="My Newsletter"');
expect(body).toContain('title="My Newsletter"');
expect(body).toContain('xmlUrl="https://test.getmynews.app/rss/feed-abc"');
expect(body).toContain('description="Daily news"');
expect(body).toContain('text="Tech Digest"');
expect(body).toContain('xmlUrl="https://test.getmynews.app/rss/feed-xyz"');
// feed-xyz has no description — attribute must not appear
const feedXyzLine =
body.split("\n").find((l) => l.includes("feed-xyz")) ?? "";
expect(feedXyzLine).not.toContain("description=");
});
it("should XML-escape special characters in title and description", async () => {
await mockEnv.EMAIL_STORAGE.put(
"feeds:list",
JSON.stringify({
feeds: [
{
id: "feed-special",
title: "News & <Updates>",
description: 'Say "hello" & goodbye',
},
],
}),
);
const authCookie = await loginAndGetCookie();
const res = await request("/admin/opml", {
headers: {
Cookie: authCookie,
Origin: "https://test.getmynews.app",
},
});
expect(res.status).toBe(200);
const body = await res.text();
// Raw special chars must not appear unescaped in attribute values
const outlineLine =
body.split("\n").find((l) => l.includes("feed-special")) ?? "";
expect(outlineLine).toContain("News &amp; &lt;Updates&gt;");
expect(outlineLine).toContain("Say &quot;hello&quot; &amp; goodbye");
expect(outlineLine).not.toContain('title="News & <');
});
it("should return empty body element when there are no feeds", async () => {
const authCookie = await loginAndGetCookie();
const res = await request("/admin/opml", {
headers: {
Cookie: authCookie,
Origin: "https://test.getmynews.app",
},
});
expect(res.status).toBe(200);
const body = await res.text();
expect(body).toContain("<body>");
expect(body).not.toContain("<outline");
});
});
src/routes/opml.ts
+56
View File
@@ -0,0 +1,56 @@
import { Context } from "hono";
import { Env } from "../types";
import { FeedRepository } from "../infrastructure/feed-repository";
import { feedRssUrl } from "../infrastructure/urls";
/**
* Escape a string for use in an XML attribute value.
* Replaces &, <, >, and " with their XML entity equivalents.
*/
function escapeXmlAttr(value: string): string {
return value
.replace(/&/g, "&amp;")
.replace(/</g, "&lt;")
.replace(/>/g, "&gt;")
.replace(/"/g, "&quot;");
}
/**
* Handler for GET /admin/opml
* Exports all feeds as an OPML 2.0 document.
* Protected by the admin auth middleware (inherits from admin Hono app).
*/
export async function handleOpml(c: Context<{ Bindings: Env }>) {
const env = c.env;
const feeds = await FeedRepository.from(env).listFeeds();
const outlines = feeds
.map((feed) => {
const title = escapeXmlAttr(feed.title);
const xmlUrl = escapeXmlAttr(feedRssUrl(feed.id, env));
const descAttr = feed.description
? ` description="${escapeXmlAttr(feed.description)}"`
: "";
return ` <outline type="rss" text="${title}" title="${title}" xmlUrl="${xmlUrl}"${descAttr}/>`;
})
.join("\n");
const opml = `<?xml version="1.0" encoding="UTF-8"?>
<opml version="2.0">
<head>
<title>kill-the-news feeds</title>
</head>
<body>
${outlines}
</body>
</opml>`;
return new Response(opml, {
status: 200,
headers: {
"Content-Type": "text/x-opml; charset=utf-8",
"Content-Disposition": 'attachment; filename="feeds.opml"',
"X-Robots-Tag": "noindex",
},
});
}
src/routes/rss.test.ts
+183
View File
@@ -53,4 +53,187 @@ describe("RSS Feed Route", () => {
expect(link).toContain(`rel="self"`);
});
});
describe("read/write id decoupling", () => {
const OPAQUE_ID = "kZ8xQ2pLm4nR7vT1wB9yJc";
const MAILBOX = "river.castle.42";
const RECEIVED_AT = 1700000002000;
beforeEach(async () => {
const emailKey = `feed:${OPAQUE_ID}:${RECEIVED_AT}`;
await mockEnv.EMAIL_STORAGE.put(
emailKey,
JSON.stringify({
subject: "Private",
from: "Sender <sender@example.com>",
content: "<p>secret body</p>",
receivedAt: RECEIVED_AT,
headers: {},
}),
);
await mockEnv.EMAIL_STORAGE.put(
`feed:${OPAQUE_ID}:metadata`,
JSON.stringify({
emails: [
{ key: emailKey, subject: "Private", receivedAt: RECEIVED_AT },
],
}),
);
await mockEnv.EMAIL_STORAGE.put(
`feed:${OPAQUE_ID}:config`,
JSON.stringify({
title: "Decoupled Feed",
language: "en",
mailbox_id: MAILBOX,
created_at: 1700000000000,
}),
);
// The inbound index points the address at the feed (reception only).
await mockEnv.EMAIL_STORAGE.put(`inbound:${MAILBOX}`, OPAQUE_ID);
});
it("serves the feed by its opaque read id", async () => {
const res = await testApp.request(`/${OPAQUE_ID}`, {}, mockEnv);
expect(res.status).toBe(200);
});
it("returns 404 when read by the inbound mailbox (no coupling)", async () => {
const res = await testApp.request(`/${MAILBOX}`, {}, mockEnv);
expect(res.status).toBe(404);
});
it("never leaks the inbound mailbox in the feed body", async () => {
const res = await testApp.request(`/${OPAQUE_ID}`, {}, mockEnv);
expect(await res.text()).not.toContain(MAILBOX);
});
});
describe("conditional GET (ETag + Last-Modified)", () => {
const FEED_ID = "test-feed-rss-cget";
const EMAIL_RECEIVED_AT = 1700000001000;
beforeEach(async () => {
const emailKey = `feed:${FEED_ID}:${EMAIL_RECEIVED_AT}`;
await mockEnv.EMAIL_STORAGE.put(
emailKey,
JSON.stringify({
subject: "RSS Subject",
from: "Sender <sender@example.com>",
content: "<p>Body</p>",
receivedAt: EMAIL_RECEIVED_AT,
headers: {},
}),
);
await mockEnv.EMAIL_STORAGE.put(
`feed:${FEED_ID}:metadata`,
JSON.stringify({
emails: [
{
key: emailKey,
subject: "RSS Subject",
receivedAt: EMAIL_RECEIVED_AT,
},
],
}),
);
await mockEnv.EMAIL_STORAGE.put(
`feed:${FEED_ID}:config`,
JSON.stringify({
title: "RSS Cget Feed",
language: "en",
created_at: 1700000000000,
}),
);
});
it("first GET returns 200 with ETag and Last-Modified headers", async () => {
const res = await testApp.request(`/${FEED_ID}`, {}, mockEnv);
expect(res.status).toBe(200);
expect(res.headers.get("ETag")).toBeTruthy();
expect(res.headers.get("Last-Modified")).toBeTruthy();
});
it("GET with matching If-None-Match returns 304 with empty body", async () => {
const first = await testApp.request(`/${FEED_ID}`, {}, mockEnv);
const etag = first.headers.get("ETag")!;
const res = await testApp.request(
`/${FEED_ID}`,
{ headers: { "If-None-Match": etag } },
mockEnv,
);
expect(res.status).toBe(304);
expect(await res.text()).toBe("");
});
it("GET with If-Modified-Since in the future returns 304", async () => {
const future = new Date(EMAIL_RECEIVED_AT + 1000).toUTCString();
const res = await testApp.request(
`/${FEED_ID}`,
{ headers: { "If-Modified-Since": future } },
mockEnv,
);
expect(res.status).toBe(304);
});
it("stale If-None-Match after new email results in 200", async () => {
// Get ETag before new email
const first = await testApp.request(`/${FEED_ID}`, {}, mockEnv);
const oldEtag = first.headers.get("ETag")!;
// Add a newer email
const newReceivedAt = EMAIL_RECEIVED_AT + 5000;
const newEmailKey = `feed:${FEED_ID}:${newReceivedAt}`;
await mockEnv.EMAIL_STORAGE.put(
newEmailKey,
JSON.stringify({
subject: "Newer Email",
from: "Sender <sender@example.com>",
content: "<p>New body</p>",
receivedAt: newReceivedAt,
headers: {},
}),
);
await mockEnv.EMAIL_STORAGE.put(
`feed:${FEED_ID}:metadata`,
JSON.stringify({
emails: [
{
key: newEmailKey,
subject: "Newer Email",
receivedAt: newReceivedAt,
},
{
key: `feed:${FEED_ID}:${EMAIL_RECEIVED_AT}`,
subject: "RSS Subject",
receivedAt: EMAIL_RECEIVED_AT,
},
],
}),
);
const res = await testApp.request(
`/${FEED_ID}`,
{ headers: { "If-None-Match": oldEtag } },
mockEnv,
);
expect(res.status).toBe(200);
const newEtag = res.headers.get("ETag");
expect(newEtag).not.toBe(oldEtag);
});
it("RSS and Atom ETags for the same feed differ", async () => {
const rssRes = await testApp.request(`/${FEED_ID}`, {}, mockEnv);
const rssEtag = rssRes.headers.get("ETag")!;
// Use a separate atom app to get the atom ETag
const { handle: atomHandle } = await import("./atom");
const atomApp = new Hono();
atomApp.get("/:feedId", atomHandle);
const atomRes = await atomApp.request(`/${FEED_ID}`, {}, mockEnv);
const atomEtag = atomRes.headers.get("ETag")!;
expect(rssEtag).not.toBe(atomEtag);
});
});
});
src/routes/rss.ts
+18
View File
@@ -5,6 +5,11 @@ import { fetchFeedData } from "../application/feed-fetcher";
import { baseUrl, feedRssUrl } from "../infrastructure/urls";
import { isExpired } from "../domain/feed";
import { FeedId } from "../domain/value-objects/feed-id";
import {
computeFeedValidators,
isNotModified,
notModifiedResponse,
} from "../infrastructure/http-cache";
export async function handle(c: Context<{ Bindings: Env }>): Promise<Response> {
try {
@@ -21,6 +26,17 @@ export async function handle(c: Context<{ Bindings: Env }>): Promise<Response> {
return new Response("Feed has expired", { status: 410 });
}
const validators = computeFeedValidators(
"rss",
feedId,
feedData.feedConfig,
feedData.emails,
);
if (isNotModified(c.req.raw, validators)) {
return notModifiedResponse(validators);
}
const base = baseUrl(c.env);
const selfUrl = new URL(c.req.url).origin + `/rss/${feedId}`;
const rssXml = generateRssFeed(
@@ -42,6 +58,8 @@ export async function handle(c: Context<{ Bindings: Env }>): Promise<Response> {
"Cache-Control": "max-age=1800",
"X-Robots-Tag": "noindex",
Link: linkHeader,
ETag: validators.etag,
"Last-Modified": validators.lastModified,
},
});
} catch (error) {
src/scripts/client/dashboard.ts
+2 -2
View File
@@ -139,14 +139,14 @@ function setupFeedTableResizing(): void {
title: 220,
feedId: 120,
email: 160,
rss: 160,
formats: 200,
actions: 160,
};
const defaultWidths: Record<string, number> = {
title: 340,
feedId: 160,
email: 220,
rss: 220,
formats: 230,
actions: 200,
};
src/scripts/client/emails-page.ts
+38
View File
@@ -615,3 +615,41 @@ async function bulkDeleteSelectedEmails(): Promise<void> {
document.addEventListener("DOMContentLoaded", () => {
initEmailUI();
});
// ── Confirmation banner dismiss ───────────────────────────────────────────────
const dismissBtn = document.getElementById("confirmation-dismiss");
const banner = document.getElementById("confirmation-banner");
if (dismissBtn && banner) {
dismissBtn.addEventListener("click", () => {
const feedId = banner.getAttribute("data-feed-id") ?? "";
fetch(`/admin/feeds/${feedId}/confirmation/dismiss`, {
method: "POST",
headers: { "Content-Type": "application/json" },
})
.then((r) => r.json())
.then((d) => {
if ((d as { ok?: boolean }).ok) banner.remove();
})
.catch(() => {});
});
}
// ── Native-feed banner dismiss ────────────────────────────────────────────────
const nativeDismissBtn = document.getElementById("native-feed-dismiss");
const nativeBanner = document.getElementById("native-feed-banner");
if (nativeDismissBtn && nativeBanner) {
nativeDismissBtn.addEventListener("click", () => {
const feedId = nativeBanner.getAttribute("data-feed-id") ?? "";
fetch(`/admin/feeds/${feedId}/native-feed/dismiss`, {
method: "POST",
headers: { "Content-Type": "application/json" },
})
.then((r) => r.json())
.then((d) => {
if ((d as { ok?: boolean }).ok) nativeBanner.remove();
})
.catch(() => {});
});
}
src/styles/components.css
+237 -11
View File
@@ -295,6 +295,19 @@ label {
color: var(--color-text-secondary);
}
.checkbox-label {
display: flex;
align-items: center;
gap: var(--spacing-sm);
cursor: pointer;
}
.checkbox-label input[type="checkbox"] {
width: auto;
margin: 0;
cursor: pointer;
}
input[type="text"],
input[type="email"],
input[type="search"],
@@ -554,6 +567,20 @@ textarea:focus {
border-color: transparent;
}
.toggle-view-link {
margin-left: auto;
align-self: center;
color: var(--color-text-secondary);
font-size: var(--font-size-sm);
font-weight: var(--font-weight-medium);
text-decoration: none;
transition: color var(--transition-fast);
}
.toggle-view-link:hover {
color: var(--color-primary);
}
/* Email content container */
.email-content {
margin-top: var(--spacing-md);
@@ -887,6 +914,103 @@ table.table code {
flex-wrap: wrap;
}
/* ── Feed format chips ("Subscribe" block) ── */
.feed-formats {
display: flex;
flex-direction: column;
gap: var(--spacing-xs);
}
.feed-formats-label {
font-weight: var(--font-weight-semibold);
color: var(--color-text-secondary);
font-size: var(--font-size-sm);
user-select: none;
}
.feed-formats-chips {
display: flex;
flex-wrap: wrap;
gap: var(--spacing-sm);
}
.format-chip {
display: inline-flex;
align-items: center;
gap: var(--spacing-xs);
padding: 4px 6px 4px 10px;
border: 1px solid var(--color-border);
border-radius: 999px;
background-color: rgba(60, 60, 67, 0.06);
transition:
border-color var(--transition-fast),
background-color var(--transition-fast);
}
.format-chip:hover {
border-color: var(--color-primary);
}
.format-chip-label {
font-weight: var(--font-weight-semibold);
font-size: var(--font-size-sm);
letter-spacing: 0.02em;
user-select: none;
}
.format-chip-actions {
display: inline-flex;
align-items: center;
gap: 2px;
}
.chip-action,
.copyable.copyable-chip .copyable-content {
display: inline-flex;
align-items: center;
justify-content: center;
width: 26px;
height: 26px;
padding: 0;
border-radius: var(--radius-sm);
color: var(--color-text-secondary);
cursor: pointer;
transition:
background-color var(--transition-fast),
color var(--transition-fast);
}
.chip-action:hover,
.copyable.copyable-chip .copyable-content:hover {
background-color: rgba(60, 60, 67, 0.18);
color: var(--color-primary);
}
/* Strip the boxed wrapper styling so only the icon button shows in a chip */
.copyable.copyable-chip {
margin: 0;
padding: 0;
background: transparent;
border: none;
}
.copyable.copyable-chip .copyable-content {
flex: 0 0 auto;
}
.chip-icon {
flex: 0 0 auto;
}
/* Compact variant for the feeds table cell */
.feed-formats-compact .feed-formats-chips {
gap: 6px;
}
.feed-formats-compact .format-chip {
padding: 2px 4px 2px 8px;
}
.button-delete {
transition:
background-color 180ms ease,
@@ -1064,17 +1188,6 @@ table.table code {
border-color: rgba(255, 69, 58, 0.35);
}
/* Validation badges */
.feed-validate {
display: flex;
gap: 0.5rem;
margin-top: 1rem;
}
.feed-validate img {
display: block;
}
/* Feed and Email Lists */
.feed-list,
.email-list {
@@ -1246,3 +1359,116 @@ table.table code {
font-size: 0.9rem;
}
}
/* ── Subscription confirmation surfacing ── */
/* Inline badge in the email-list subject cell (next to .attachment-indicator) */
.confirmation-badge {
flex: 0 0 auto;
display: inline-flex;
align-items: center;
font-size: var(--font-size-xs);
font-weight: var(--font-weight-semibold);
color: var(--color-text-on-primary);
background: var(--color-primary);
border-radius: var(--radius-pill);
padding: 1px 8px;
}
/* Dashboard pill — <a class="pill pill-confirmation"> */
.pill-confirmation {
background: var(--color-primary);
color: var(--color-text-on-primary);
border-color: transparent;
text-decoration: none;
transition:
opacity var(--transition-fast),
transform var(--transition-fast);
}
.pill-confirmation:hover {
opacity: 0.88;
transform: translateY(-1px);
}
/* Dashboard pill — <a class="pill pill-native"> */
.pill-native {
background: var(--color-card);
color: var(--color-primary);
border-color: var(--color-primary);
text-decoration: none;
transition:
opacity var(--transition-fast),
transform var(--transition-fast);
}
.pill-native:hover {
opacity: 0.88;
transform: translateY(-1px);
}
/* Native-feeds group sits below the KTN "Subscribe" chips */
.native-feeds {
margin-top: var(--spacing-sm);
}
/* Top banner on the feed emails page */
.confirmation-banner {
display: flex;
align-items: center;
justify-content: space-between;
gap: var(--spacing-md);
padding: var(--spacing-md);
margin-bottom: var(--spacing-md);
border: 1px solid var(--color-primary);
border-radius: var(--radius-md);
background-color: rgba(246, 130, 31, 0.07);
}
@media (prefers-color-scheme: light) {
.confirmation-banner {
background-color: rgba(224, 112, 16, 0.06);
}
}
.confirmation-banner-actions {
display: flex;
align-items: center;
gap: var(--spacing-sm);
flex-shrink: 0;
}
/* Bordered box on the email detail page */
.confirmation-section {
margin-bottom: var(--spacing-lg);
padding: var(--spacing-md);
border: 1px solid var(--color-primary);
border-radius: var(--radius-md);
background-color: rgba(246, 130, 31, 0.07);
}
@media (prefers-color-scheme: light) {
.confirmation-section {
background-color: rgba(224, 112, 16, 0.06);
}
}
.confirmation-section h2 {
margin: 0 0 var(--spacing-sm);
font-size: var(--font-size-md);
}
/* Primary CTA button inside the confirmation section */
.confirmation-primary {
display: inline-block;
margin-bottom: var(--spacing-sm);
}
/* Column of confirmation links */
.confirmation-links {
display: flex;
flex-direction: column;
gap: var(--spacing-xs);
word-break: break-all;
font-size: var(--font-size-sm);
}
src/styles/layout.css
+5
View File
@@ -247,3 +247,8 @@
.site-footer-sponsor:hover {
color: #db61a2 !important;
}
.site-footer-version {
font-variant-numeric: tabular-nums;
opacity: 0.7;
}
src/test/setup.ts
+14
View File
@@ -1,5 +1,6 @@
import { beforeAll, afterAll, afterEach } from "vitest";
import { setupServer } from "msw/node";
import { feedKeys } from "../domain/feed-keys";
// Minimal Node.js built-ins used only in this test setup file.
// Declared locally to avoid pulling in the full @types/node package,
@@ -263,3 +264,16 @@ export const createMockEnv = (options: { withR2?: boolean } = {}) => ({
? { ATTACHMENT_BUCKET: new MockR2() as unknown as R2Bucket }
: {}),
});
/**
* Seed the `inbound:<mailbox> → <feedId>` index that email reception resolves
* through. Defaults the feed id to the mailbox (the common unit-test shape where
* a feed is keyed by the same string as its inbound address).
*/
export async function seedInboundIndex(
env: { EMAIL_STORAGE: { put: (k: string, v: string) => Promise<unknown> } },
mailboxId: string,
feedId: string = mailboxId,
): Promise<void> {
await env.EMAIL_STORAGE.put(feedKeys.inbound(mailboxId), feedId);
}
src/types/index.ts
+32
View File
@@ -42,10 +42,15 @@ export interface EmailData {
export interface FeedConfig {
title: string;
description?: string;
// Inbound mailbox local part (noun.noun.NN): the feed's email address is
// `mailbox_id@domain`. Decoupled from the feed's id (the opaque read id).
mailbox_id: string;
allowed_senders?: string[];
blocked_senders?: string[];
language: string;
author?: string;
// When true, entry titles in the feed output are rendered as `[Sender] Subject`.
sender_in_title?: boolean;
created_at: number;
updated_at?: number;
expires_at?: number; // Unix timestamp ms — present when a TTL is configured
@@ -58,6 +63,23 @@ export interface FeedMetadata {
// RFC 8058 one-click unsubscribe URLs, keyed by sender so each newsletter on
// the feed keeps its own (latest) link; fired when the feed is deleted.
unsubscribe?: Record<string, string>;
// True while at least one unactioned confirmation email is present. Raised on
// ingest, lowered by an admin "dismiss" or when the last confirmation email is
// removed. Projected into feeds:list for the dashboard.
pendingConfirmation?: boolean;
// Native syndication feeds (Atom/RSS/JSON) senders advertised via
// <link rel="alternate">, keyed by sender. Latest non-empty per sender wins.
nativeFeeds?: Record<string, NativeFeed[]>;
// True when the admin dismissed the native-feed notice; suppresses the
// dashboard pill while the URLs stay available in the feed detail view.
nativeFeedDismissed?: boolean;
}
// A syndication feed a newsletter advertises about itself (via
// <link rel="alternate">), as opposed to the KTN-generated feed.
export interface NativeFeed {
url: string;
type: "rss" | "atom" | "json";
}
// Email metadata interface (summary info for listing)
@@ -68,6 +90,11 @@ export interface EmailMetadata {
size?: number;
attachmentIds?: string[]; // Downloadable attachments (shown to the user)
inlineAttachmentIds?: string[]; // Inline images: hidden from lists, still cleaned up
messageId?: string; // RFC 2822 Message-ID header (dedup primary key)
dedupHash?: string; // SHA-256 hex of normalized subject+content (dedup fallback)
// Detected subscription-confirmation links (ranked top-3). Present ⇒ the email
// was detected as a confirmation request.
confirmation?: { links: string[] };
}
// Feed list interface
@@ -80,7 +107,10 @@ export interface FeedListItem {
id: string;
title: string;
description?: string;
mailbox_id: string; // Cached inbound address local part (admin/API display)
expires_at?: number; // Cached from FeedConfig to avoid per-feed KV reads
pendingConfirmation?: boolean; // Projected from FeedMetadata for the dashboard
hasNativeFeed?: boolean; // Projected from FeedMetadata for the dashboard pill
}
// Cumulative monitoring counters (persisted as a KV singleton)
@@ -92,6 +122,7 @@ export interface Counters {
// Subset of emails_rejected: non-feed mail forwarded to FALLBACK_FORWARD_ADDRESS
// instead of dropped. Dropped count = emails_rejected emails_forwarded.
emails_forwarded: number;
emails_deduplicated: number; // Duplicate deliveries silently skipped (not stored)
unsubscribes_sent: number;
last_email_at?: string; // ISO 8601
last_feed_created_at?: string; // ISO 8601
@@ -108,6 +139,7 @@ export interface StatsResponse extends Counters {
active_feeds: number;
websub_subscriptions_active: number;
attachments_enabled: boolean;
version: string; // Running app version (package.json), inlined at build time
}
// WebSub (PubSubHubbub) subscription configuration
tsconfig.json
+1
View File
@@ -4,6 +4,7 @@
"module": "ESNext",
"moduleResolution": "bundler",
"esModuleInterop": true,
"resolveJsonModule": true,
"strict": true,
"lib": ["ES2021"],
"types": ["@cloudflare/workers-types"],